Caught the Win32 Cryptor virus

Abraham54
17 replies
  • Hello, I have recently been having trouble with the Win32 Cryptor virus and it keeps getting worse. I have run Spybot and Antimalware, and now I have run HijackThis; this is the log I get. Can anyone help me?


    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 11:38:20, on 18/12/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\WINDOWS\system32\370B61\488DE0.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe
    O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [488DE0] C:\WINDOWS\system32\370B61\488DE0.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://e-learning.lyreco.com/plugin/authorware/awswax65.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/f5tunsrv.cab#version=6020,2008,0212,2007
    O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2\resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/vdeskctrl.cab#version=6020,2008,0212,2006
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxshost.cab#version=6020,2008,0212,2006
    O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxhost.cab#version=6020,2008,0212,2005
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://66.98.196.24/DGTx.CAB
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe


    End of file - 16032 bytes
  • Hello miklo3000, the security of your Windows is completely compromised, because: 3 active antivirus programs in your Windows.

    Namely:
    - AVG
    - Eset/Nod32
    - Norton

    How did you manage to do all this?

    And which antivirus do you want to continue with?


    Download, install and keep using a-squared Free 4.5.

    Right after installation, a-squared Free 4.5 will also want to update.

    Prevent that. Start a-squared Free 4.5, click Configureer updates (Configure updates) and then clear the check mark at Extra talen installeren (Install additional languages)!

    After that you can let a-squared Free 4.5 fetch the latest definitions.
    Once the update is done, choose Grondige Scan (Deep Scan).


    Download a-squared Free 4.5


    VISTA USERS: right-click the relevant shortcut and choose Properties.
    In the Properties window, click the Advanced button and tick Run as administrator.


    After this, create a new HijackThis log and post its result together with the scan result of a-squared Free 4.5;
    also post an uninstall list (start HijackThis, click the Open the Misc Tools section button, then the Open Uninstall Manager button and finally the Save button).
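The check the reply above makes by eye (several antivirus products active in one HijackThis log), as an added example that is not part of the original thread. The vendor patterns and function names are assumptions chosen for this log, and the sample lines are excerpted from the first log with wrapped lines joined.

```python
import re
from collections import defaultdict

# Sample input: a few lines excerpted from the first HijackThis log in this
# thread (wrapped lines joined). Not the full log.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
"""

# Assumption: simple path/vendor fragments for the three products named in
# the reply. Norton components appear under "Symantec" in this log.
AV_PATTERNS = {
    "AVG": re.compile(r"\\AVG\\|AVG Technologies", re.I),
    "Eset/Nod32": re.compile(r"\\Eset\\|nod32", re.I),
    "Norton": re.compile(r"Symantec|Norton", re.I),
}

# HijackThis entry lines look like "O23 - Service: ..." or "R1 - HKLM\...".
ENTRY_RE = re.compile(r"^([ORFN]\d+) - (.*)$")

# Map the parts of the log we care about to an evidence bucket.
BUCKETS = {"process": "running", "O4": "autorun", "O23": "service"}


def parse_log(text):
    """Yield (kind, body) for running-process lines and numbered entries."""
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        if not line:
            in_processes = False
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            yield match.group(1), match.group(2)
        elif in_processes:
            yield "process", line


def find_av_products(text):
    """Return {vendor: {bucket: [lines]}} for every antivirus trace found."""
    found = defaultdict(
        lambda: {"running": [], "autorun": [], "service": [], "stale": []}
    )
    for kind, body in parse_log(text):
        bucket = BUCKETS.get(kind)
        if bucket is None:
            continue
        # "(file missing)" marks a leftover registration, not live code.
        if body.endswith("(file missing)"):
            bucket = "stale"
        for vendor, pattern in AV_PATTERNS.items():
            if pattern.search(body):
                found[vendor][bucket].append(body)
    return dict(found)


def active_av_products(text):
    """Vendors with at least one process running at scan time."""
    return sorted(
        vendor
        for vendor, evidence in find_av_products(text).items()
        if evidence["running"]
    )


if __name__ == "__main__":
    active = active_av_products(SAMPLE_LOG)
    print("Active antivirus products:", ", ".join(active))
    if len(active) > 1:
        print("More than one resident scanner is running; keep one.")
    for vendor, evidence in find_av_products(SAMPLE_LOG).items():
        for line in evidence["stale"]:
            print(f"Leftover {vendor} registration: {line}")
```
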
  • Thanks for your quick reply,

    I don't know how I did this :?

    I would like to continue with AVG.

    I'll do what you said and will post a new log shortly.
  • Gosh, then the following first,

    Uninstall Norton using the Norton removal tool: http://service1.symantec.com/support/inter/tsgeninfointl.nsf/nl_docid/20050411155130924?OpenDocument&seg=hm&lg=nl&ct=nl

    Eset/Nod32 is difficult to remove.
    Go to C:\Program Files, open the Eset/Nod32 folder there and look in it for Uninstall.exe.
    Click or double-click it!

    And AVG: that has to be reinstalled!
    By the way, why the choice for a free antivirus program that can detect rootkits - but cannot remove them!
  • The a-squared scan is still running; I'll remove that antivirus in a moment. Can this do no harm given the viruses?

    Which antivirus do you recommend?

    I thought AVG was good, but apparently not.

    PS: I don't know very much about PCs, I'm learning a lot again :wink:
  • If you want the number one among the free antivirus programs, go for Avira AntiVir, combined with the free firewall from ZoneAlarm.

    That is the basis for a well-secured Windows!

    Avira's spyware scanner is so good that users of Vista and Windows 7 can deactivate Windows Defender because of it!

    The only thing Avira does not have is an email scanner; the paid version does!

    If you insist on having an email scanner as well, then Avast for Home is a very good second choice among the free antivirus programs!
    But combine this one with the ZoneAlarm firewall too!

    Because the XP firewall blocks well, but everything that wants to leave your Windows can also get out! So trojans can download new malware unhindered because of that! As is now happening in your Windows with that Win32 Cryptor virus!
  • Hi, I can't find the Eset/Nod32 uninstall …

    Norton has been removed.

    HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 15:17:15, on 18/12/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe
    O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://e-learning.lyreco.com/plugin/authorware/awswax65.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/f5tunsrv.cab#version=6020,2008,0212,2007
    O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/vdeskctrl.cab#version=6020,2008,0212,2006
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxshost.cab#version=6020,2008,0212,2006
    O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxhost.cab#version=6020,2008,0212,2005
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://66.98.196.24/DGTx.CAB
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe


    End of file - 14894 bytes


    a-squared log:

    a-squared Anti-Malware - Versie 4.5
    Laatste Update: 18/12/2009 13:01:51

    Scan instellingen:

    Scan type: N/A
    Objecten: Geheugen, Sporen, Cookies, C:\
    Scan archieven: Aan
    Heuristieken: Uit
    ADS Scan: Aan

    Scan starten: 18/12/2009 13:02:06

    [964] C:\WINDOWS\system32\370B61\488DE0.EXE Ontdekt: Trojan-Dropper.Win32.Flystud!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\HtmlView.fne Ontdekt: HackTool.Win32.Patcher!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\shell.fne Ontdekt: Worm.SuspectCRC!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\dp1.fne Ontdekt: Trojan.Win32.Pakes!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\eAPI.fne Ontdekt: Worm.Generic!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\internet.fne Ontdekt: HackTool.Win32.Patcher!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\spec.fne Ontdekt: Win32.SuspectCrc!IK
    C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\cnvpe.fne Ontdekt: Trojan.Peed!IK
    c:\program files\partygaming Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack\blackjack Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj\multiplayerblackjack Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\images Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles Ontdekt: Trace.Directory.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\images Ontdekt: Trace.Directory.PartyPoker!A2
    Value: HKEY_CLASSES_ROOT\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} –> AppID Ontdekt: Trace.Registry.dl.tvunetworks.com!A2
    Value: HKEY_CLASSES_ROOT\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.dl.tvunetworks.com!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} –> AppID Ontdekt: Trace.Registry.dl.tvunetworks.com!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.dl.tvunetworks.com!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterBarButton Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterBarButton.1 Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterSettingsControl Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterSettingsControl.1 Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{09BD51AE-7E02-4916-9B12-647A92C02B7F} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{72FE8681-0BFA-471b-9B2A-B37ED68DD09E} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{83453071-3F9C-4ab0-BE30-EDA368D7976D} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BD04DAE2-8C1B-4cc5-9E06-22DE05C2EDA0} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\IMsiDe1egate.Application.1 Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{83453070-3F9C-4AB0-BE30-EDA368D7976D} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{FE063DBA-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{BD04DAE0-8C1B-4CC5-9E06-22DE05C2EDA0} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{FE063DB0-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Ext\PreApproved\{83453071-3F9C-4ab0-BE30-EDA368D7976D} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Ext\PreApproved\{FE063DBB-4EC0-403e-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2
    Key: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2
    c:\program files\partygaming\partycasino\gra.ini Ontdekt: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partycasino\partycasino.dll Ontdekt: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partycasino\sys.ini Ontdekt: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles\2.html Ontdekt: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles\4.html Ontdekt: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\language\en_us\articles\54708.html Ontdekt: Trace.File.PartyPoker!A2
    c:\program files\partygaming\partypoker\usertab.txt Ontdekt: Trace.File.PartyPoker!A2
    c:\windows\system32\configurescr.exe Ontdekt: Trace.File.Happy Happy Halloween Screen Saver!A2
    c:\windows\system32\removescr.exe Ontdekt: Trace.File.Happy Happy Halloween Screen Saver!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 1 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 10 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 2 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 4 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 5 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 6 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 7 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> 9 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> AdsLastKnownState Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> AppPath Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> BlackjackSounds Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> BlackjackVoice Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> DisableCharacters Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> DisableMouseHelp Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> EnableCallOuts Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> EnableCardAnimations Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> EnableCongratulations Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> EnableSounds Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> FourColourDeck Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> HHEnableLog Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> HHLogDays Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> HHLogSize Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> id Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> InitialPort Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> InstallState Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> MuckLosingHand Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> SearchHiding Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> SL Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> TableType Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker –> useCount Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming –> AutoLoginToOtherGames Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming –> CFDialogShown Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming –> FreshInstall Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming –> OldCFformat Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> ButtonText Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> CLSID Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Default Visible Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Exec Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> HotIcon Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Icon Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> MenuStatusBar Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> MenuText Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Path Ontdekt: Trace.Registry.PartyPoker!A2
    C:\Documents and Settings\miklo\Cookies\miklo@metriweb[1].txt Ontdekt: Trace.TrackingCookie.metriweb!A2
    C:\Documents and Settings\miklo\Cookies\miklo@stat.onestat[2].txt Ontdekt: Trace.TrackingCookie.stat.onestat!A2
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\cnvpe.fne Ontdekt: Trojan.Peed!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\dp1.fne Ontdekt: Trojan.Win32.Pakes!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\eAPI.fne Ontdekt: Worm.Generic!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\HtmlView.fne Ontdekt: HackTool.Win32.Patcher!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\internet.fne Ontdekt: HackTool.Win32.Patcher!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\shell.fne Ontdekt: Worm.SuspectCRC!IK
    C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\spec.fne Ontdekt: Win32.SuspectCrc!IK
    C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP627\A0111859.exe Ontdekt: Riskware.Crack.Sim3!IK
    C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP627\A0111862.exe Ontdekt: Riskware.Crack.Sim3!IK
    C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP641\A0114965.DLL Ontdekt: Riskware.AdTool.Win32.MyWebSearch.az!A2
    C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP641\A0114966.DLL Ontdekt: Adware.Win32.AskTBar!A2
    C:\WINDOWS\system32\370B61\488DE0.EXE Ontdekt: Trojan-Dropper.Win32.Flystud!IK
    C:\WINDOWS\system32\6510BA\cnvpe.fne Ontdekt: Trojan.Peed!IK
    C:\WINDOWS\system32\6510BA\dp1.fne Ontdekt: Trojan.Win32.Pakes!IK
    C:\WINDOWS\system32\6510BA\eAPI.fne Ontdekt: Worm.Generic!IK
    C:\WINDOWS\system32\6510BA\HtmlView.fne Ontdekt: HackTool.Win32.Patcher!IK
    C:\WINDOWS\system32\6510BA\internet.fne Ontdekt: HackTool.Win32.Patcher!IK
    C:\WINDOWS\system32\6510BA\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK
    C:\WINDOWS\system32\6510BA\RegEx.fnr Ontdekt: Trojan.Win32.AutoRun!IK
    C:\WINDOWS\system32\6510BA\shell.fne Ontdekt: Worm.SuspectCRC!IK
    C:\WINDOWS\system32\6510BA\spec.fne Ontdekt: Win32.SuspectCrc!IK

    Gescand

    Bestanden: 211187

    AVG is still installed, should I remove it now??
  • Uninstall list Hijack:

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9 - Nederlands
    Apple Mobile Device Support
    Apple Software Update
    a-squared Anti-Malware 4.5
    Athan Basic 3.6
    AVG 8.5
  • As far as I know, NOD32 was simply removed via Software and then uninstall.
  • Well, have you already decided which antivirus you are going to use now, because AVG is crippled as well, which isn't hard with that antivirus program!

    It also turns out that you have previously used a crack or keygen.
    I hope it is clear to you by now that it is precisely these tools that get your Windows infected, whichever antivirus you use!


    Start HijackThis again and choose Scan only; after ticking the boxes in front of the lines corresponding to the ones below, click the Fix checked button:

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)


    Also click the Open the Misc Tools section button, then the Delete a file upon reboot button;

    then navigate to C:\Program Files\Eset and click nod32krn.exe in that folder

    So restart your computer!

    Next, go to Start/Run and type services.msc
    In the Services window, look for the Eset entries!

    Double-click each one and set Startup type to Disabled.
    Confirm each time with Apply and OK.

    Restart your PC again and then delete the Eset folder in Program Files!


    Use the AVG removal tool: http://www.avg.com/nl-nl/download-tools


    After doing all of the above, post a new HJT log!
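The selection made in the post above (entries marked "(no file)" or "(file missing)", plus an entry loading from a Temp folder) can be scripted. The following is an added example, not part of the thread: it triages HijackThis lines and cross-references them with the file detections in an a-squared log. The sample lines are copied from the logs in this thread; the function names, reason labels and the Temp-path heuristic are assumptions of this example.

```python
import re

# Sample lines copied from the HijackThis and a-squared logs in this thread.
HJT_SAMPLE = r"""
O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
"""

SCAN_SAMPLE = r"""
[964] C:\WINDOWS\system32\370B61\488DE0.EXE Ontdekt: Trojan-Dropper.Win32.Flystud!IK
C:\WINDOWS\system32\6510BA\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK
Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterBarButton Ontdekt: Trace.Registry.AskTBar!A2
"""

# "O4 - rest of entry": section code, then the entry body.
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+?)\s*$")
# First drive-rooted path in the body that ends in a loadable file type.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll|cab|hta|scr|sys)\b', re.I)
# a-squared file detection: optional "[pid] ", a path, "Ontdekt:" (Dutch UI
# for "Detected:"), then the detection name. Registry lines do not match.
DETECT_RE = re.compile(r"^\s*(?:\[\d+\]\s*)?([A-Za-z]:\\.+?)\s+Ontdekt:\s+(\S.*?)\s*$")


def parse_detections(scan_log):
    """Map lower-cased file path -> detection name for file detections."""
    found = {}
    for line in scan_log.splitlines():
        m = DETECT_RE.match(line)
        if m:
            found[m.group(1).lower()] = m.group(2)
    return found


def triage(hjt_log, scan_log=""):
    """Return (section, body, reasons) for every entry worth a closer look."""
    detections = parse_detections(scan_log)
    findings = []
    for line in hjt_log.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        section, body = m.groups()
        reasons = []
        # Registry entry whose target no longer exists on disk.
        if body.endswith(("(file missing)", "(no file)")):
            reasons.append("orphaned")
        p = PATH_RE.search(body)
        path = p.group(0) if p else None
        # Heuristic (assumption): autostarts and controls rarely belong in Temp.
        if path and "\\temp\\" in path.lower():
            reasons.append("temp-path")
        # The scanner flagged the exact file this entry points to.
        if path and path.lower() in detections:
            reasons.append("detected: " + detections[path.lower()])
        if reasons:
            findings.append((section, body, reasons))
    return findings


if __name__ == "__main__":
    for section, body, reasons in triage(HJT_SAMPLE, SCAN_SAMPLE):
        print(section, "|", ", ".join(reasons), "|", body)
```

Paths are compared as written, so an 8.3 short name such as DOCUME~1 will not match the long form of the same folder in the other log.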
  • I have removed AVG and the rest too, and have now installed Avira and ZoneAlarm.

    HJT log:

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 16:39:34, on 18/12/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\system32\HPZipm12.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe
    O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://e-learning.lyreco.com/plugin/authorware/awswax65.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/f5tunsrv.cab#version=6020,2008,0212,2007
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2
    esources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/vdeskctrl.cab#version=6020,2008,0212,2006
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxshost.cab#version=6020,2008,0212,2006
    O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxhost.cab#version=6020,2008,0212,2005
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://66.98.196.24/DGTx.CAB
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    End of file - 14633 bytes
  • Hello miklo3000, it is really starting to look good now!
    I take it your PC has also become faster by now?


    Start HijackThis again and choose Scan only; after you have ticked the box in front of the line corresponding to the one below, click the Fix checked button:

    O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe


    Start Avira, have Avira scan your whole system, and then post the log of that!
  • I removed the file in HijackThis after Avira had run.

    Avira AntiVir Personal
    Report file date: vrijdag 18 december 2009 17:11

    Scanning for 1456781 virus strains and unwanted programs.

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows XP
    Windows version : (Service Pack 3) [5.1.2600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : KABOUTER-0E4FC1

    Configuration settings for the scan:
    Jobname………………………..: Complete system scan
    Configuration file………………: c:\program files\avira\antivir desktop\sysscan.avp
    Logging………………………..: low
    Primary action………………….: interactive
    Secondary action………………..: ignore
    Scan master boot sector………….: on
    Scan boot sector………………..: on
    Boot sectors……………………: C:,
    Process scan……………………: on
    Scan registry…………………..: on
    Search for rootkits……………..: on
    Integrity checking of system files..: off
    Scan all files………………….: All files
    Scan archives…………………..: on
    Recursion depth…………………: 20
    Smart extensions………………..: on
    Macro heuristic…………………: on
    File heuristic………………….: medium
    Deviating risk categories………..: +JOKE,+PCK,+PFS,

    Start of the scan: vrijdag 18 december 2009 17:11

    Starting search for hidden objects.
    '94402' objects were checked, '0' hidden objects were found.

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
    Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
    Scan process 'DATALA~1.EXE' - '1' Module(s) have been scanned
    Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
    Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
    Scan process 'daemon.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'zlclient.exe' - '0' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'Athan.exe' - '1' Module(s) have been scanned
    Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
    Scan process 'HookManager.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'dthtml.exe' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
    Scan process 'LAUNCH~1.EXE' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
    Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
    Scan process 'SeaPort.exe' - '1' Module(s) have been scanned
    Scan process 'PSIService.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'DTSRVC.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'a2service.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ForceField.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'ISWSVC.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'vsmon.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    52 processes with 52 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '70' files ).


    Starting the file scan:

    Begin scan in 'C:'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    [NOTE] This file is a Windows system file.
    [NOTE] This file cannot be opened for scanning.
    C:\Documents and Settings\miklo\Mijn documenten\zaSetup_91_007_002_en.exe
    [0] Archive type: ZIP SFX (self extracting)
    --> SWITCHUNINST_44ZONE LABS.EXE
    [1] Archive type: RSRC
    --> WINDOWS6.0-KB929547-V2-X64.MSU
    [1] Archive type: CAB (Microsoft)
    --> Windows6.0-KB929547-v2-x64.cab
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP642\A0115050.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!

    Beginning disinfection:
    C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP642\A0115050.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE] The file was moved to '4b5cb573.qua'!


    End of the scan: vrijdag 18 december 2009 18:00
    Used time: 48:22 Minute(s)

    The scan has been done completely.

    7826 Scanned directories
    300674 Files were scanned
    1 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 files were deleted
    0 Viruses and unwanted programs were repaired
    1 Files were moved to quarantine
    0 Files were renamed
    2 Files cannot be scanned
    300671 Files not concerned
    1835 Archives were scanned
    3 Warnings
    2 Notes
    94402 Objects were scanned with rootkit scan
    0 Hidden objects were found

    I will have it scan once more and will post that log too.

    Really, thank you so much for your help. :D
  • Hello miklo, first something else: my suspicion in that respect has been confirmed.
    You now first need to clean up the System Restore points!

    To do that, right-click Deze computer (My Computer) and choose Eigenschappen (Properties).
    Click the Systeemherstel (System Restore) tab and switch Systeemherstel off.
    Restart your computer; this wipes all restore points, including the contaminated ones. After the restart, switch System Restore back on the same way.
    If needed, you can then create a new restore point via Start > Alle Programma's > Bureau-accessoires > Systeemwerkset > Systeemherstel!
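The triage behind the reply above, as an added example that is not part of the original thread: it reads an Avira-style report, pairs each `[DETECTION]` line with the file path printed before it, and separates copies archived in a System Restore store from files on the live file system. The function names, the `Detection` type and the sample report are constructed for illustration; only the line layout follows the report quoted in this thread.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample in the layout of the Avira report quoted in this thread.
SAMPLE_REPORT = r"""
Begin scan in 'C:'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.EXE
[DETECTION] Is the TR/Example.Gen Trojan
C:\Documents and Settings\user\Local Settings\Temp\sample.exe
[DETECTION] Is the TR/Example.Gen Trojan

Beginning disinfection:
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.EXE
[DETECTION] Is the TR/Example.Gen Trojan
[NOTE] The file was moved to '00000000.qua'!
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")            # a scanned file path line
DETECTION_RE = re.compile(r"^\[DETECTION\]\s*(.+)$")
# Windows XP keeps restore points under _restore{GUID}\RPnnn\ on each volume.
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\(RP\d+)\\",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Detection:
    path: str
    message: str
    restore_point: Optional[str]  # e.g. "RP1", or None for a live file


def parse_detections(report: str) -> List[Detection]:
    """Return one Detection per distinct path, in order of first appearance."""
    found: Dict[str, Detection] = {}
    current_path: Optional[str] = None
    for raw in report.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            current_path = line
            continue
        hit = DETECTION_RE.match(line)
        if hit and current_path:
            rp = RESTORE_RE.search(current_path)
            # The disinfection section repeats the path; keep the first entry.
            # A hit on an archive member is attributed to the outer archive.
            found.setdefault(
                current_path.lower(),
                Detection(current_path, hit.group(1), rp.group(1) if rp else None),
            )
    return list(found.values())


def triage(detections: List[Detection]) -> dict:
    """Split detections into archived restore-point copies and live files."""
    archived = [d for d in detections if d.restore_point]
    live = [d for d in detections if not d.restore_point]
    return {
        "purge_restore_points": bool(archived),
        "restore_points": sorted({d.restore_point.upper() for d in archived}),
        "live_paths": [d.path for d in live],
    }


if __name__ == "__main__":
    result = triage(parse_detections(SAMPLE_REPORT))
    print("Purge restore points:", result["purge_restore_points"], result["restore_points"])
    for path in result["live_paths"]:
        print("Live file still flagged:", path)
```

A hit that appears only under `_restore{...}` points at an archived copy that a later System Restore could bring back, which is why the restore points are wiped; a hit on a live path means the cleanup itself is not finished.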
  • Avira AntiVir Personal
    Report file date: vrijdag 18 december 2009 18:48

    Scanning for 1456781 virus strains and unwanted programs.

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows XP
    Windows version : (Service Pack 3) [5.1.2600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : KABOUTER-0E4FC1

    Configuration settings for the scan:
    Jobname………………………..: Complete system scan
    Configuration file………………: c:\program files\avira\antivir desktop\sysscan.avp
    Logging………………………..: low
    Primary action………………….: interactive
    Secondary action………………..: ignore
    Scan master boot sector………….: on
    Scan boot sector………………..: on
    Boot sectors……………………: C:,
    Process scan……………………: on
    Scan registry…………………..: on
    Search for rootkits……………..: on
    Integrity checking of system files..: off
    Scan all files………………….: All files
    Scan archives…………………..: on
    Recursion depth…………………: 20
    Smart extensions………………..: on
    Macro heuristic…………………: on
    File heuristic………………….: medium
    Deviating risk categories………..: +JOKE,+PCK,+PFS,

    Start of the scan: vrijdag 18 december 2009 18:48

    Starting search for hidden objects.
    '94499' objects were checked, '0' hidden objects were found.

    The scan of running processes will be started
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
    Scan process 'DATALA~1.EXE' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
    Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
    Scan process 'daemon.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'zlclient.exe' - '0' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'Athan.exe' - '1' Module(s) have been scanned
    Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
    Scan process 'HookManager.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'dthtml.exe' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
    Scan process 'LAUNCH~1.EXE' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
    Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
    Scan process 'SeaPort.exe' - '1' Module(s) have been scanned
    Scan process 'PSIService.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'DTSRVC.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'a2service.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ForceField.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'ISWSVC.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'vsmon.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    54 processes with 54 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '70' files ).


    Starting the file scan:

    Begin scan in 'C:'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    [NOTE] This file is a Windows system file.
    [NOTE] This file cannot be opened for scanning.
    C:\Documents and Settings\miklo\Mijn documenten\zaSetup_91_007_002_en.exe
    [0] Archive type: ZIP SFX (self extracting)
    --> SWITCHUNINST_44ZONE LABS.EXE
    [1] Archive type: RSRC
    --> WINDOWS6.0-KB929547-V2-X64.MSU
    [1] Archive type: CAB (Microsoft)
    --> Windows6.0-KB929547-v2-x64.cab
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!


    End of the scan: vrijdag 18 december 2009 19:44
    Used time: 55:12 Minute(s)

    The scan has been done completely.

    7463 Scanned directories
    289648 Files were scanned
    0 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 files were deleted
    0 Viruses and unwanted programs were repaired
    0 Files were moved to quarantine
    0 Files were renamed
    2 Files cannot be scanned
    289646 Files not concerned
    1816 Archives were scanned
    3 Warnings
    1 Notes
    94499 Objects were scanned with rootkit scan
    0 Hidden objects were found

    This is the log of the latest scan; I have wiped the System Restore points.
  • Well, I think your Windows is fully under your control again!

    Are there any problems left?
  • Nope, everything seems to be in order again and the PC flies like it used to!! :D

    Once again, thank you very much; without your help it would certainly have been the end of the PC.

This is an archived page. Replies are no longer possible.