virus??

Abraham54
7 replies
  • Hello,
    For the past few days AVG has kept giving this message:

    Threat detected!
    File name: C:\System Volume Information\_restore{4ECF70A4-1223-470F-B908-A18E51007AC0}\RP449\A0496773.exe
    Threat name: Virus identified Win32/Virut.Z
    Process name: D:\WINDOWS\system32\svchost.exe
    Process ID: 1396

    —————————————————————————————-

    Hijackthis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:09:28, on 24-11-2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\spoolsv.exe
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Acer\Empowering Technology\admServ.exe
    D:\PROGRA~1\AVG\AVG8\avgrsx.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\WINDOWS\system32\PnkBstrA.exe
    D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    D:\WINDOWS\System32\snmp.exe
    D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    D:\WINDOWS\system32\svchost.exe
    D:\PROGRA~1\AVG\AVG8\avgemc.exe
    D:\Program Files\AVG\AVG8\avgcsrvx.exe
    D:\WINDOWS\Explorer.EXE
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\admtray.exe
    D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    D:\WINDOWS\RTHDCPL.EXE
    D:\WINDOWS\SkyTel.EXE
    D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    D:\PROGRA~1\AVG\AVG8\avgtray.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
    D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
    D:\Program Files\Acer\OrbiCam10\OrbiCam.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Pando Networks\Media Booster\PMB.exe
    D:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\WINDOWS\system32\wbem\unsecapp.exe
    D:\DOCUME~1\Ken\LOCALS~1\Temp\RtkBtMnt.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    D:\PROGRA~1\AVG\AVG8\avgnsx.exe
    D:\Program Files\Java\jre6\bin\jucheck.exe
    D:\Program Files\AVG\AVG8\avgcsrvx.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - D:\Program Files\PHPNukeDU\tbPHPN.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - D:\Program Files\PHPNukeDU\tbPHPN.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\Orbitdownloader\GrabPro.dll
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [LManager] D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [SynTPLpr] D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [IntelZeroConfig] "D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [DXM6Patch_981116] D:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [AcerOrbicamRibbon] "D:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - D:\WINDOWS\system32\shdocvw.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 11581 bytes
  • If Virut is included in a restore point, then that rotten virus will also be on your computer.

    Have you perhaps downloaded a normally paid program and activated it by means of a crack or keygen?

    Download, install and keep using MBAM.
    Right after installation MBAM will want to update its database, so allow it.
    On repeated use as well: go to the Update tab first!

    Download MBAM (CLICK)

    Start MBAM and choose Quick Scan (Snelle Scan)

    N.B.: Vista users start MBAM by right-clicking and then choosing Run as administrator.

    Scanning can take a while, so be patient.
    When the scan is complete, click the OK button, then the Show Results (Bekijk Resultaten) button to see the results.
    Make sure everything there is checked, then click: Remove Selected (Verwijder geselecteerde).
    After removal a log will open and you will be asked to restart the computer.

    The log is saved automatically by MBAM and you can find it again by clicking the Logs tab in MBAM.

    If MBAM has difficulty removing certain files it will show a few messages; click OK each time!
    After that MBAM will ask to restart the computer, so allow the computer to be restarted.

    After this, create a new HijackThis log and post its result together with the MBAM scan result;
    also post an Uninstall list (start HijackThis, click the Open the Misc Tools section button, then the Open Uninstall Manager button and finally the Save button).
  • Malwarebytes' Anti-Malware 1.41
    Database versie: 3224
    Windows 5.1.2600 Service Pack 2

    24-11-2009 21:35:57
    mbam-log-2009-11-24 (21-35-57).txt

    Scan type: Snelle Scan
    Objecten gescand: 121535
    Verstreken tijd: 8 minute(s), 52 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 3
    Registerwaarden geïnfecteerd: 2
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 3
    Bestanden geïnfecteerd: 5

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\VB and VBA Program Settings\tm (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> Quarantined and deleted successfully.

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    D:\Documents and Settings\Ken Peeters\Application Data\ErrorSmart (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
    D:\Documents and Settings\Ken Peeters\Application Data\ErrorSmart\Log (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
    D:\Documents and Settings\Ken Peeters\Application Data\ErrorSmart\Registry Backups (Rogue.ErrorSmart) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    D:\RECYCLER\S-1-5-21-4306776925-5205042936-100240814-6966\rundll32.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
    D:\Documents and Settings\Ken Peeters\Application Data\ErrorSmart\Log\2008 Feb 04 - 10_19_33 PM_687.log (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
    D:\Documents and Settings\Ken Peeters\Application Data\ErrorSmart\Log\2008 Feb 04 - 10_19_37 PM_437.log (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
    D:\Documents and Settings\Ken Peeters\Application Data\ErrorSmart\Registry Backups\2008-02-04_22-26-52.reg (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
    D:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job (Rogue.ErrorSmart) -> Quarantined and deleted successfully.

    —————————————————————————————-

    Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:52:25, on 24-11-2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\spoolsv.exe
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Acer\Empowering Technology\admServ.exe
    D:\PROGRA~1\AVG\AVG8\avgrsx.exe
    D:\PROGRA~1\AVG\AVG8\avgnsx.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\WINDOWS\system32\PnkBstrA.exe
    D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    D:\WINDOWS\System32\snmp.exe
    D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    D:\WINDOWS\system32\svchost.exe
    D:\PROGRA~1\AVG\AVG8\avgemc.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\admtray.exe
    D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    D:\WINDOWS\RTHDCPL.EXE
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    D:\WINDOWS\SkyTel.EXE
    D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    D:\PROGRA~1\AVG\AVG8\avgtray.exe
    D:\WINDOWS\system32\wbem\unsecapp.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
    D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
    D:\Program Files\Acer\OrbiCam10\OrbiCam.exe
    D:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Pando Networks\Media Booster\PMB.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\DOCUME~1\Ken\LOCALS~1\Temp\RtkBtMnt.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\WINDOWS\system32\notepad.exe
    D:\Program Files\Java\jre6\bin\jucheck.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - D:\Program Files\PHPNukeDU\tbPHPN.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - D:\Program Files\PHPNukeDU\tbPHPN.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\Orbitdownloader\GrabPro.dll
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [LManager] D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [SynTPLpr] D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [IntelZeroConfig] "D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [DXM6Patch_981116] D:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [AcerOrbicamRibbon] "D:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 11657 bytes

    —————————————————————————————-

    Acer Camera-stuurprogramma
    Acer eDataSecurity Management 1.00.23
    Acer eLock Management
    Acer Empowering Technology framework
    Acer eNet Management
    Acer ePerformance Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Acer OrbiCam
    Acer OrbiCam Application
    Acrobat.com
    Acrobat.com
    Adobe AIR
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.1.3
    Adobe Shockwave Player 11
    AhnLab Online Security
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    AVerMedia M103 Driver Uninstaller
    AVerMedia M115 Driver Uninstaller
    AVG 8.5
    Beveiligingsupdate for Windows XP (KB941569)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615)
    Beveiligingsupdate voor Windows Media Player (KB911564)
    Beveiligingsupdate voor Windows Media Player 11 (KB936782)
    Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)
    Beveiligingsupdate voor Windows Media Player 9 (KB936782)
    Beveiligingsupdate voor Windows XP (KB890046)
    Beveiligingsupdate voor Windows XP (KB893756)
    Beveiligingsupdate voor Windows XP (KB896358)
    Beveiligingsupdate voor Windows XP (KB896423)
    Beveiligingsupdate voor Windows XP (KB896428)
    Beveiligingsupdate voor Windows XP (KB899587)
    Beveiligingsupdate voor Windows XP (KB899591)
    Beveiligingsupdate voor Windows XP (KB900725)
    Beveiligingsupdate voor Windows XP (KB901017)
    Beveiligingsupdate voor Windows XP (KB901214)
    Beveiligingsupdate voor Windows XP (KB902400)
    Beveiligingsupdate voor Windows XP (KB905414)
    Beveiligingsupdate voor Windows XP (KB905749)
    Beveiligingsupdate voor Windows XP (KB908519)
    Beveiligingsupdate voor Windows XP (KB911562)
    Beveiligingsupdate voor Windows XP (KB911927)
    Beveiligingsupdate voor Windows XP (KB913580)
    Beveiligingsupdate voor Windows XP (KB914388)
    Beveiligingsupdate voor Windows XP (KB914389)
    Beveiligingsupdate voor Windows XP (KB918118)
    Beveiligingsupdate voor Windows XP (KB918439)
    Beveiligingsupdate voor Windows XP (KB919007)
    Beveiligingsupdate voor Windows XP (KB920213)
    Beveiligingsupdate voor Windows XP (KB920670)
    Beveiligingsupdate voor Windows XP (KB920683)
    Beveiligingsupdate voor Windows XP (KB920685)
    Beveiligingsupdate voor Windows XP (KB921503)
    Beveiligingsupdate voor Windows XP (KB922819)
    Beveiligingsupdate voor Windows XP (KB923191)
    Beveiligingsupdate voor Windows XP (KB923414)
    Beveiligingsupdate voor Windows XP (KB923980)
    Beveiligingsupdate voor Windows XP (KB924270)
    Beveiligingsupdate voor Windows XP (KB924667)
    Beveiligingsupdate voor Windows XP (KB925902)
    Beveiligingsupdate voor Windows XP (KB926247)
    Beveiligingsupdate voor Windows XP (KB926255)
    Beveiligingsupdate voor Windows XP (KB926436)
    Beveiligingsupdate voor Windows XP (KB927779)
    Beveiligingsupdate voor Windows XP (KB927802)
    Beveiligingsupdate voor Windows XP (KB928255)
    Beveiligingsupdate voor Windows XP (KB928843)
    Beveiligingsupdate voor Windows XP (KB929123)
    Beveiligingsupdate voor Windows XP (KB930178)
    Beveiligingsupdate voor Windows XP (KB931261)
    Beveiligingsupdate voor Windows XP (KB931784)
    Beveiligingsupdate voor Windows XP (KB932168)
    Beveiligingsupdate voor Windows XP (KB933729)
    Beveiligingsupdate voor Windows XP (KB935839)
    Beveiligingsupdate voor Windows XP (KB935840)
    Beveiligingsupdate voor Windows XP (KB936021)
    Beveiligingsupdate voor Windows XP (KB937894)
    Beveiligingsupdate voor Windows XP (KB938829)
    Beveiligingsupdate voor Windows XP (KB941202)
    Beveiligingsupdate voor Windows XP (KB941568)
    Beveiligingsupdate voor Windows XP (KB941644)
    Beveiligingsupdate voor Windows XP (KB943460)
    Beveiligingsupdate voor Windows XP (KB943485)
    Beveiligingsupdate voor Windows XP (KB944653)
    Bonjour
    Call of Duty(R) 4 - Modern Warfare(TM)
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    Cucusoft Zune Video Converter 7.08
    Emicsoft FLV Converter
    Foxit Toolbar
    Free FLV to AVI Video Converter v. 1.0
    GameSpy Arcade
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix voor Windows Media Player 11 (KB939683)
    Hotfix voor Windows XP (KB935448)
    Intel(R) PROSet/Wireless Software
    iTunes
    J2SE Runtime Environment 5.0 Update 9
    Java DB 10.4.1.3
    Java Platform, Enterprise Edition 5 SDK
    Java(TM) 6 Update 13
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    Java(TM) SE Development Kit 6 Update 13
    Junk Mail filter update
    Launch Manager
    LimeWire 5.1.2
    Logitech Video Enumerator
    Magic ISO Maker v5.4 (build 0256)
    Malwarebytes' Anti-Malware
    mCore
    mDriver
    mDrWiFi
    Messenger Plus! Live
    mHelp
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5
    Microsoft .NET Framework 3.5
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Accounting 2008
    Microsoft Office Accounting 2008
    Microsoft Office Accounting 2008 Equifax Addin
    Microsoft Office Accounting 2008 Fixed Asset Manager
    Microsoft Office Accounting 2008 PayPal Addin
    Microsoft Office Accounting ADP Payroll Addin
    Microsoft Office Excel Viewer 2003
    Microsoft Office Live Add-in 1.3
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Office Professional Edition 2003
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Word Viewer 2003
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server 2005 Tools Express Edition
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Windows Journal Viewer
    mIWA
    mLogView
    mMHouse
    Mozilla Firefox (3.0.15)
    mPfMgr
    mPfWiz
    mProSafe
    mSCfg
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6.0 Parser (KB933579)
    MSXML4 Parser
    MVision
    mWlsSafe
    mZConfig
    ObjectDock
    Orbit Downloader
    Pando Media Booster
    PHPNukeDU Toolbar
    PKR
    QuickPar 0.9
    QuickTime
    Realtek High Definition Audio Driver
    Replay Media Catcher 3.11
    RollerCoaster Tycoon 2
    RollerCoaster Tycoon 2
    RollerCoaster Tycoon 2: Time Twister
    SAMSUNG CDMA Modem Driver Set
    Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Segoe UI
    Skype web features
    Skype™ 4.1
    SMSC IrCC V5.1.3600.7
    SplitCam
    Super DVD to iPod Converter 5.8
    Super Video Converter 5.8
    Synaptics Pointing Device Driver
    TAC Engine v2.2-2
    Teach2000 8.31
    Texas Instruments PCIxx21/x515 drivers.
    TweakNow RegCleaner Standard
    Update voor Windows XP (KB894391)
    Update voor Windows XP (KB898461)
    Update voor Windows XP (KB900485)
    Update voor Windows XP (KB908531)
    Update voor Windows XP (KB910437)
    Update voor Windows XP (KB911280)
    Update voor Windows XP (KB916595)
    Update voor Windows XP (KB920872)
    Update voor Windows XP (KB922582)
    Update voor Windows XP (KB925720)
    Update voor Windows XP (KB927891)
    Update voor Windows XP (KB930916)
    Update voor Windows XP (KB936357)
    Update voor Windows XP (KB938828)
    Update voor Windows XP (KB942763)
    Vegas Pro 9.0
    VideoGet
    Videora iPod Converter 5.03
    VLC media player 1.0.0
    Weet wat je eet
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live - Hulpprogramma voor uploaden
    Windows Live aanmeldhulp
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    WinRAR
    WinZip 11.1
    Xbox 360 Controller for Windows
    YouTube Downloader App 2.03
    Zylom Games Player Plugin
  • Hello kenn32, so MBAM has already removed what was necessary!

    Did you also install and activate programs in your Windows by means of cracks or keygens?

    This question concerns your Windows: why have you not yet upgraded to Service Pack 3?

    Is your AVG the free version?

    ————————————————————————————–

    Uninstall the following toolbars:
    PHPNukeDU Toolbar
    AskBar


    You have several Java runtimes in your Windows, some of which are already very old, and all of that forms a major security hole!


    Just like the Adobe Flash Player, the Java runtime must always be up to date!
    Always keep to a single installed Java runtime!

    Download to your desktop: Java SE Runtime Environment (JRE) 6 update 17

    Now first go to Control Panel / Add or Remove Programs and then remove:
    Java SE Runtime Environment (JRE) 6 Update 02
    Java SE Runtime Environment (JRE) 6 Update 03
    Java SE Runtime Environment (JRE) 6 Update 05
    Java SE Runtime Environment (JRE) 6 Update 07
    Java SE Runtime Environment (JRE) 6 Update 13

    After this, restart the computer!

    After that you can install the new version of Java!


    Post a new HJT log.
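The check behind the advice in the reply above, as an added example that is not part of the original post: a Python script that reads an installed-software list like the one posted in this thread and reports every Java runtime older than the 6 update 17 the reply recommends. The function names, the display-name patterns and the trimmed sample list are assumptions made for this example.

```python
import re

# Constructed sample: the Java-related lines from the installed-software
# list posted earlier in this thread, plus two unrelated entries.
INSTALLED = """\
iTunes
J2SE Runtime Environment 5.0 Update 9
Java DB 10.4.1.3
Java Platform, Enterprise Edition 5 SDK
Java(TM) 6 Update 13
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 13
Junk Mail filter update
"""

# Display names of runtime entries as they appear in that list.
# Assumption: other naming schemes are not covered by these patterns.
JRE_PATTERNS = [
    re.compile(r"^J2SE Runtime Environment (?P<major>\d+)\.0"
               r"(?: Update (?P<update>\d+))?$"),
    re.compile(r"^Java\(TM\) (?P<major>\d+)(?: Update (?P<update>\d+))?$"),
]
# A JDK is reported separately: it is a development kit, not a browser
# runtime entry, but it still needs to be kept current.
JDK_PATTERNS = [
    re.compile(r"^Java\(TM\) SE Development Kit (?P<major>\d+)"
               r"(?: Update (?P<update>\d+))?$"),
]


def parse_entry(line):
    """Return (kind, major, update) for a Java runtime or JDK line, else None."""
    name = line.strip()
    for kind, patterns in (("jre", JRE_PATTERNS), ("jdk", JDK_PATTERNS)):
        for pattern in patterns:
            match = pattern.match(name)
            if match:
                # An entry without "Update N" is treated as update 0.
                return kind, int(match["major"]), int(match["update"] or 0)
    return None


def audit_java(installed_text, target=(6, 17)):
    """Summarise the Java runtimes found in an installed-software list.

    target is the (major, update) version considered current; the default
    is the version named in the reply above.
    """
    runtimes, jdks = set(), set()  # sets drop duplicated list entries
    for line in installed_text.splitlines():
        parsed = parse_entry(line)
        if parsed is None:
            continue
        kind, major, update = parsed
        (runtimes if kind == "jre" else jdks).add((major, update))
    return {
        "runtimes": sorted(runtimes),
        "stale": sorted(v for v in runtimes if v < target),
        "jdks": sorted(jdks),
        "multiple": len(runtimes) > 1,
        "target_present": target in runtimes,
    }


if __name__ == "__main__":
    report = audit_java(INSTALLED)
    for major, update in report["stale"]:
        print(f"stale runtime: Java {major} Update {update}")
    if report["multiple"]:
        print(f"{len(report['runtimes'])} runtimes installed side by side")
    if not report["target_present"]:
        print("current runtime (6 Update 17) is not installed")
```

Entries such as Java DB and the Enterprise Edition SDK match neither pattern and are skipped; the 5.0 runtime is reported as stale along with the JRE 6 updates.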
  • Hi,

    Yes, my AVG is the free version.

    I installed a few programs by means of cracks, namely:
    Rollercoaster Tycoon 2
    Sony Vegas Pro 9.0
    VideoGet

    I'm rather a layman when it comes to Windows, so I don't know how and why I should upgrade to Service Pack 3… :?

    —————————————————————————————–

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:45:05, on 25-11-2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\spoolsv.exe
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Acer\Empowering Technology\admServ.exe
    D:\PROGRA~1\AVG\AVG8\avgrsx.exe
    D:\PROGRA~1\AVG\AVG8\avgnsx.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    D:\WINDOWS\system32\PnkBstrA.exe
    D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    D:\WINDOWS\System32\snmp.exe
    D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    D:\WINDOWS\system32\svchost.exe
    D:\PROGRA~1\AVG\AVG8\avgemc.exe
    D:\Program Files\AVG\AVG8\avgcsrvx.exe
    D:\WINDOWS\Explorer.EXE
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\admtray.exe
    D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    D:\WINDOWS\RTHDCPL.EXE
    D:\WINDOWS\SkyTel.EXE
    D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    D:\PROGRA~1\AVG\AVG8\avgtray.exe
    D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    D:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
    D:\WINDOWS\system32\wbem\unsecapp.exe
    D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
    D:\Program Files\Acer\OrbiCam10\OrbiCam.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\DOCUME~1\Ken\LOCALS~1\Temp\RtkBtMnt.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    D:\WINDOWS\system32\msiexec.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    D:\Program Files\Mozilla Firefox\firefox.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [LManager] D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [SynTPLpr] D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [IntelZeroConfig] "D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [DXM6Patch_981116] D:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [AcerOrbicamRibbon] "D:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 10199 bytes
  • Hello kenn32, but why am I now missing the MBAM log?
    Post it in your next message!

    The fact that Virut is now in a restore point is the result of those cracks you used.
    Internet criminals expand their activities further every day, so you have been warned. Because if you use a new crack in the future, the chance is almost 100% that the newest variant of Virut will end up in your Windows.
    And then there is only one remedy: a clean install of Windows!

    So you are now going to make sure that the infected restore points disappear from your computer:
    Right-click My Computer and choose Properties.
    Click the System Restore tab and turn System Restore off.
    Restart your computer; this erases all restore points, including the contaminated ones.
    After the restart, turn System Restore back on the same way.
    If necessary, you can then create a new restore point via Start > All Programs > Accessories > System Tools > System Restore!


    Why Service Pack 3: once Service Pack 3 is installed in your Windows, your Windows is again fully supported by Microsoft with security updates!

    http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=nl

    Finally, your AVG version: a new AVG version 9.0 is out, and this new version runs considerably lighter in your Windows!

    http://free.avg.com/nl-nl/downloaden?prd=afg
  • Ok! Thanks :D

    ————————————————————————————

    Malwarebytes' Anti-Malware 1.41
    Database versie: 3224
    Windows 5.1.2600 Service Pack 3

    25-11-2009 18:39:20
    mbam-log-2009-11-25 (18-39-20).txt

    Scan type: Snelle Scan
    Objecten gescand: 121623
    Verstreken tijd: 12 minute(s), 45 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    ————————————————————————————-

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:40:29, on 25-11-2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    D:\WINDOWS\system32\spoolsv.exe
    d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Acer\Empowering Technology\admServ.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\Program Files\AVG\AVG9\avgrsx.exe
    D:\Program Files\AVG\AVG9\avgcsrvx.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\Program Files\AVG\AVG9\avgrsx.exe
    D:\Program Files\AVG\AVG9\avgcsrvx.exe
    D:\WINDOWS\system32\PnkBstrA.exe
    D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    D:\WINDOWS\System32\snmp.exe
    D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\admtray.exe
    D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    D:\WINDOWS\RTHDCPL.EXE
    D:\WINDOWS\SkyTel.EXE
    D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
    D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\DOCUME~1\Ken\LOCALS~1\Temp\RtkBtMnt.exe
    D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    D:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    D:\Program Files\AVG\AVG9\avgchsvx.exe
    D:\Program Files\AVG\AVG9\avgwdsvc.exe
    D:\Program Files\AVG\AVG9\avgnsx.exe
    D:\Program Files\AVG\AVG9\avgemc.exe
    D:\Program Files\AVG\AVG9\avgcsrvx.exe
    D:\Program Files\AVG\AVG9\avgtray.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [LManager] D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [SynTPLpr] D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [IntelZeroConfig] "D:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [DXM6Patch_981116] D:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "D:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "D:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [AcerOrbicamRibbon] "D:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - d:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - D:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 10346 bytes


This is an archived page. Replies are no longer possible.