Lots of trouble with W32 viruses

benbullo
10 replies
  • Hello,

    Over the past week I have had a lot of trouble with W32 (trojan) viruses. My virus scanner (avast) gives a warning, I then put it in quarantine, but I keep having trouble with them. I have run CCleaner and Spybot, and then I also wanted to run Ad-Aware over it. But my laptop gives an error message halfway through the process; the elapsed-time counter keeps running, but Ad-Aware stops scanning. How should I solve this?


    All help is welcome!

    [Edit]

    Here is the HijackThis log file!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:20:34, on 17-6-2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    c:\program files\asus security center\asus security protect manager\bin\asghost.exe
    c:\windows\system32\dwm.exe
    c:\windows\system32\taskeng.exe
    c:\windows\explorer.exe
    c:\program files\asus\smartlogon\sensorsrv.exe
    c:\program files\asus\asus multiframe\multiframe.exe
    c:\program files\asus\asus live update\alu.exe
    c:\program files\windows defender\msascui.exe
    c:\program files\alwil software\avast4\ashdisp.exe
    c:\windows\system32\rundll32.exe
    c:\program files\motorola\smserial\sm56hlpr.exe
    c:\program files\synaptics\syntp\syntpenh.exe
    c:\program files\asus\atk media\dmedia.exe
    c:\windows\asscrpro.exe
    c:\program files\microsoft office\office12\groovemonitor.exe
    c:\program files\java\jre6\bin\jusched.exe
    c:\program files\windows live\messenger\msnmsgr.exe
    c:\windows\ehome\ehtray.exe
    c:\program files\cubedesktop\cubedesktop.exe
    c:\program files\windows media player\wmpnscfg.exe
    c:\windows\ehome\ehmsas.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\windows live\contacts\wlcomm.exe
    c:\program files\mozilla firefox\firefox.exe
    c:\program files\bittorrent\bittorrent.exe
    c:\program files\malware\ad-aware2007.exe
    c:\program files\malware\hijack\hijackthis.exe

    r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hkcu\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
    r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
    r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
    r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
    r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
    r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
    r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
    o1 - hosts: ::1 localhost
    o2 - bho: adobe pdf reader link helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
    o2 - bho: askbar bho - {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askbar.dll
    o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
    o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\grooveshellextensions.dll
    o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
    o2 - bho: gphotoshow toolbar helper - {d6d45128-e25e-4036-90d1-f43872902148} - c:\program files\gphotoshow toolbar\v3.2.0.0\gphotoshow_toolbar.dll
    o2 - bho: java™ plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    o2 - bho: asus security protect manager - {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\itieaddin.dll
    o3 - toolbar: gphotoshow toolbar - {d3fbba39-b2cd-4a1a-81b5-e940850bdf59} - c:\program files\gphotoshow toolbar\v3.2.0.0\gphotoshow_toolbar.dll
    o3 - toolbar: ask toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askbar.dll
    o4 - hklm\..\run: [windows defender] %programfiles%\windows defender\msascui.exe -hide
    o4 - hklm\..\run: [avast!] c:\progra~1\alwils~1\avast4\ashdisp.exe
    o4 - hklm\..\run: [nvsvc] rundll32.exe c:\windows\system32\nvsvc.dll,nvsvcstart
    o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
    o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
    o4 - hklm\..\run: [smserial] c:\program files\motorola\smserial\sm56hlpr.exe
    o4 - hklm\..\run: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
    o4 - hklm\..\run: [cognizancets] rundll32.exe c:\progra~1\asusse~1\asusse~1\bin\astsvcc.dll,registermodule
    o4 - hklm\..\run: [atkmedia] c:\program files\asus\atk media\dmedia.exe
    o4 - hklm\..\run: [asus screen saver protector] c:\windows\asscrpro.exe
    o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 8.0\reader\reader_sl.exe
    o4 - hklm\..\run: [groovemonitor] c:\program files\microsoft office\office12\groovemonitor.exe
    o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
    o4 - hklm\..\run: [kernel and hardware abstraction layer] khalmnpr.exe
    o4 - hklm\..\run: [rgclewj0er4b] c:\windows\system32\qgcjewj0er4b.exe
    o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
    o4 - hkcu\..\run: [ehtray.exe] c:\windows\ehome\ehtray.exe
    o4 - hkcu\..\run: [yodm3d] c:\users\boltjes\appdata\local\temp\rar$ex00.879\yodm3d\yodm3d.exe
    o4 - hkcu\..\run: [cubedesktop] c:\program files\cubedesktop\cubedesktop.exe
    o4 - hkcu\..\run: [wmpnscfg] c:\program files\windows media player\wmpnscfg.exe
    o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'local service')
    o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'local service')
    o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'network service')
    o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~2\office12\excel.exe/3000
    o9 - extra button: asus security protect manager e-wallet - {1009c944-97d5-44a9-9e32-dff54f498968} - c:\program files\asus security center\asus security protect manager\bin\aswallet.dll
    o9 - extra 'tools' menuitem: asus security protect manager e-&wallet - {1009c944-97d5-44a9-9e32-dff54f498968} - c:\program files\asus security center\asus security protect manager\bin\aswallet.dll
    o9 - extra button: send to onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
    o9 - extra 'tools' menuitem: s&end to onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
    o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office12\refiebar.dll
    o13 - gopher prefix:
    o16 - dpf: cabbuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/installercontrol.cab
    o18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files\microsoft office\office12\groovesystemservices.dll
    o20 - appinit_dlls: apshook.dll
    o23 - service: ad-aware 2007 service (aawservice) - unknown owner - c:\program files\malware\aawservice.exe (file missing)
    o23 - service: asldr service (asldrservice) - unknown owner - c:\program files\atk hotkey\asldrsrv.exe
    o23 - service: avast! iavs4 control service (aswupdsv) - alwil software - c:\program files\alwil software\avast4\aswupdsv.exe
    o23 - service: atkgfnex service (atkgfnexsrv) - unknown owner - c:\program files\atkgfnex\gfnexsrv.exe
    o23 - service: autodesk licensing service - autodesk - c:\program files\common files\autodesk shared\service\adskscsrv.exe
    o23 - service: avast! antivirus - alwil software - c:\program files\alwil software\avast4\ashserv.exe
    o23 - service: avast! mail scanner - alwil software - c:\program files\alwil software\avast4\ashmaisv.exe
    o23 - service: avast! web scanner - alwil software - c:\program files\alwil software\avast4\ashwebsv.exe
    o23 - service: logitech bluetooth service (lbtserv) - logitech, inc. - c:\program files\common files\logishrd\bluetooth\lbtserv.exe
    o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
    o23 - service: sbsd security center service (sbsdwscservice) - safer networking ltd. - c:\program files\malware\spybot - search & destroy\sdwinsec.exe
    o23 - service: spmgr - unknown owner - c:\program files\asus\nb probe\spm\spmgr.exe

    end of file - 8299 bytes
  • o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
    I don't know what kind of games you play, but PunkBuster let 2 trojans in on my machine.

    Boot into safe mode, click Start -> Run -> msconfig ->
    Startup tab. Post all the info listed there.
  • Eefie wrote:
    > o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
    > I don't know what kind of games you play, but PunkBuster let 2 trojans in on my machine.
    >
    > Boot into safe mode, click Start -> Run -> msconfig ->
    > Startup tab. Post all the info listed there.

    I'm afraid that's not the one, because my virus scanner reports a different name. But I will do it.

    And about gaming: I've been gaming again for 1 week, after a period of 3 months without gaming. But could you get a trojan through PunkBuster? :S

    I started my laptop in safe mode, but what is the point of that, if I may ask? Because msconfig doesn't change because of it?

    Does anyone have a solution? With my HJT log?
  • Please make a normal (without colours) HijackThis log.

    Then I'll take a look.
  • juisterr wrote:
    > Please make a normal (without colours) HijackThis log.
    >
    > Then I'll take a look.

    Here you go:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:06:45, on 18-6-2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Windows\ASScrPro.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\J River\Media Jukebox 12\Media Jukebox 12.exe
    C:\Windows\system32\conime.exe
    C:\Users\Boltjes\AppData\Local\Temp\c.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Users\Boltjes\AppData\Local\Temp\b.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Malware\Hijack\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: gPhotoShow Toolbar Helper - {D6D45128-E25E-4036-90D1-F43872902148} - C:\Program Files\gPhotoShow Toolbar\v3.2.0.0\gPhotoShow_Toolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
    O3 - Toolbar: gPhotoShow Toolbar - {D3FBBA39-B2CD-4A1A-81B5-E940850BDF59} - C:\Program Files\gPhotoShow Toolbar\v3.2.0.0\gPhotoShow_Toolbar.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [rgclewj0er4b] C:\Windows\System32\qgcjewj0er4b.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Yodm3D] C:\Users\Boltjes\AppData\Local\Temp\Rar$EX00.879\Yodm3D\Yodm3D.exe
    O4 - HKCU\..\Run: [CubeDesktop] C:\Program Files\CubeDesktop\cubedesktop.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Cognac] C:\Users\Boltjes\AppData\Local\Temp\b.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
    O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: APSHook.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Malware\aawservice.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Malware\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe


    End of file - 8642 bytes
  • First carry out the following actions:
    Temporarily disable Windows Defender
    Because it can interfere when fixing with HJT (undoing the fix again)
    * Open Windows Defender > Click Tools
    * Click "General Settings" or Options
    * Scroll to "Real Time Protection Options"
    * Uncheck "Turn on Real Time Protection (recommended)" > Click "Save"
    * Close Windows Defender
    (once the problems are over and the log has been declared clean again, you can turn it back on)

    Right-click the HijackThis program and choose "Run as Administrator"
    Choose 'Do a system scan only'
    Select only the items listed below:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\Windows\system32\msxml71.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: gPhotoShow Toolbar Helper - {D6D45128-E25E-4036-90D1-F43872902148} - C:\Program Files\gPhotoShow Toolbar\v3.2.0.0\gPhotoShow_Toolbar.dll
    O3 - Toolbar: gPhotoShow Toolbar - {D3FBBA39-B2CD-4A1A-81B5-E940850BDF59} - C:\Program Files\gPhotoShow Toolbar\v3.2.0.0\gPhotoShow_Toolbar.dll
    O4 - HKLM\..\Run: [rgclewj0er4b] C:\Windows\System32\qgcjewj0er4b.exe
    O4 - HKCU\..\Run: [CubeDesktop] C:\Program Files\CubeDesktop\cubedesktop.exe
    O4 - HKCU\..\Run: [Cognac] C:\Users\Boltjes\AppData\Local\Temp\b.exe

    Close all windows except HijackThis
    Click 'Fix checked' to remove the items.

    Download MalwareBytes' Anti-Malware and save it to your desktop.
    Double-click mbam-setup.exe to install the program.

    Make sure that after the installation the following are checked:
    * Update MalwareBytes' Anti-Malware
    * Start MalwareBytes' Anti-Malware
    Then click "Finish".
    If an update is found, it will be downloaded and installed.
    * Once the program has started, go to the "Settings" tab.
    * Check here: "Close Internet Explorer during malware removal".
    * Then go to the "Scanner" tab and choose "Quick Scan".
    * Then press "Scan" to start the scan.
    * The scan may take a while, so be patient.
    * When the scan is complete, click OK, then "Show Results" to see the results.
    * Make sure everything there is checked, then click "Remove Selected".
    * After the removal a log will open and you will be asked to restart the computer.
    The log is saved automatically by MalwareBytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.

    Post this log together with a new HijackThis log.
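
An added example, not part of the thread and not any poster's own method: a small triage script that parses HijackThis log lines like those posted above and marks two kinds of entries for review, O4 autoruns that launch from a Temp directory and O2 BHOs whose file is missing. Both heuristics and all function names are this example's assumptions; the sample lines are copied from the log in this thread, and the last input is a constructed line carrying forum colour/bold tags.

```python
import re
from typing import List, NamedTuple

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Yodm3D] C:\Users\Boltjes\AppData\Local\Temp\Rar$EX00.879\Yodm3D\Yodm3D.exe
O4 - HKCU\..\Run: [Cognac] C:\Users\Boltjes\AppData\Local\Temp\b.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""

# Constructed: the Yodm3D entry as forum BBCode colouring would wrap it.
COLORED_LINE = (
    r"o4 -[/color:a6ba15fd7f] hkcu\..\run[/color:a6ba15fd7f]: "
    r"[b:a6ba15fd7f][yodm3d][/b:a6ba15fd7f] "
    r"c:\users\boltjes\appdata\local\temp\rar$ex00.879\yodm3d"
    r"\[/color:a6ba15fd7f]yodm3d.exe[/color:a6ba15fd7f]"
)

# Forum markup that can surround log fields; "[name]" autorun labels are kept.
BBCODE_TAG = re.compile(r"\[/?(?:b|u|color|noparse)(?::[0-9a-f]+)?\]", re.I)
# "<section code> - <rest>", e.g. "O4 - HKCU\..\Run: [name] command".
ENTRY = re.compile(r"^\s*([ORF]\d+) - (.*)$", re.I)
O4_RUN = re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O2_BHO = re.compile(
    r"^BHO: (?P<name>.*) - (?P<clsid>\{[0-9a-f-]+\}) - (?P<file>.+)$", re.I
)
TEMP_DIR = re.compile(r"\\temp\\|%temp%", re.I)


class Finding(NamedTuple):
    code: str    # HijackThis section, e.g. "O4"
    name: str    # autorun value name, or BHO CLSID
    reason: str  # why the entry deserves a manual look


def triage(log_text: str) -> List[Finding]:
    """Return entries worth reviewing; a finding is a lead, not a verdict."""
    findings = []
    for raw in log_text.splitlines():
        line = BBCODE_TAG.sub("", raw).strip()
        entry = ENTRY.match(line)
        if not entry:
            continue  # header, process list, blank line
        code, rest = entry.group(1).upper(), entry.group(2)
        if code == "O4":
            run = O4_RUN.match(rest)
            if run and TEMP_DIR.search(run["cmd"]):
                findings.append(
                    Finding(code, run["name"],
                            "autorun launches from a Temp directory"))
        elif code == "O2":
            bho = O2_BHO.match(rest)
            if bho and bho["file"].strip().lower() == "(no file)":
                findings.append(
                    Finding(code, bho["clsid"].upper(),
                            "BHO registered but its file is missing"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG) + triage(COLORED_LINE):
        print(f"{f.code}  {f.name}: {f.reason}")
```

A flagged entry only tells you where to look first: legitimate software unpacked into Temp is flagged too, and entries such as randomly named executables under System32 are not covered by these two checks.
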
  • Here are the logs

    This one is from MBAM
    Malwarebytes' Anti-Malware 1.38
    Database versie: 2305
    Windows 6.0.6001 Service Pack 1

    18-6-2009 21:10:52
    mbam-log-2009-06-18 (21-10-52).txt

    Scan type: Snelle Scan
    Objecten gescand: 79042
    Verstreken tijd: 5 minute(s), 12 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 6
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 3

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    C:\Windows\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.





    This one is from HJT

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:15:16, on 18-6-2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Windows\ASScrPro.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Malware\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Malware\Hijack\HijackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Yodm3D] C:\Users\Boltjes\AppData\Local\Temp\Rar$EX00.879\Yodm3D\Yodm3D.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
    O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: APSHook.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Malware\aawservice.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Malware\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe


    End of file - 7768 bytes
  • Still having any problems?
  • I have now restarted it several times, and so far my virus scanner has not reported that a virus is present.

    Many thanks!

    But I do have one more question, and it is about MBAM. I have now done a quick scan, but is a full scan useful too? I did one last week, but because it took very long, I stopped it halfway. So my question is: is it worthwhile to do a full scan?
  • Take your time for it and run it in safe mode.


This is an archived page. Replies are no longer possible.