Vraag & Antwoord

Beveiliging & privacy

Win32 cryptor virus opgelopen

17 antwoorden
  • Hallo Ik heb sinds kort last van het Win32 Cryptor virus en het wordt steeds ergen , heb Spybot laten gaan en Antimaleware , nu heb ik hijackthis laten lopen dit is de Log die ik krijg kan iemand mij helpen ??? Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 11:38:20, on 18/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe C:\WINDOWS\system32\370B61\488DE0.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing) O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [488DE0] C:\WINDOWS\system32\370B61\488DE0.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.msi.com.tw O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://e-learning.lyreco.com/plugin/authorware/awswax65.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/f5tunsrv.cab#version=6020,2008,0212,2007 O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/vdeskctrl.cab#version=6020,2008,0212,2006 O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxshost.cab#version=6020,2008,0212,2006 O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxhost.cab#version=6020,2008,0212,2005 O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://66.98.196.24/DGTx.CAB O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 16032 bytes
  • Hallo miklo3000, de veiligheid van jouw Windows is volledig gecompromiteerd, want: 3 aktieve antivirusprogranma's in jouw Windows. Te weten: - AVG - Eset/Nod32 - Norton Hoe heb je dit alles zo voorelkaar gekregen? En met welke antivirus wil jij doorgaan? Download, installeer en blijf [b:c12fcb4db1]a-squared Free 4.5 [/b:c12fcb4db1]gebruiken. Direkt na de installatie wil ook [b:c12fcb4db1]a-squared Free 4.5[/b:c12fcb4db1] updaten. Dat verhinder je. Start [b:c12fcb4db1]a-squared Free 4.5[/b:c12fcb4db1] en klik op [b:c12fcb4db1]Configureer updates[/b:c12fcb4db1] en [b:c12fcb4db1]haal dan het vinkje weg bij Extra talen installeren[/b:c12fcb4db1]! Hierna kan je [b:c12fcb4db1]a-squared Free 4.5[/b:c12fcb4db1] de nieuwste definities binnenhalen. [b:c12fcb4db1]Nadat de update gedaan is kies je voor [B]Grondige Scan[/b:c12fcb4db1].[/B] [url=http://www.emsisoft.nl/asquaredfree/index.htm][i:c12fcb4db1][b:c12fcb4db1]Download a-squared Free 4.5[/b:c12fcb4db1][/i:c12fcb4db1][/url] [b:c12fcb4db1]VISTAGEBRUIKERS: klik de betreffende snelkoppeling met rechts aan en kies voor Eigenschappen. In het Eigenschappenvenster klik je dan op de knop Geavanceerd en zet je een vinkje bij Als administrator uitvoeren.[/b:c12fcb4db1] Hierna een nieuw Hijack This Log aanmaken en het resultaat daarvan samen met het scanresultaat van [b:c12fcb4db1]a-squared Free 4.5 [/b:c12fcb4db1] posten; tevens een Uninstall-lijst posten (Start HijackThis, klik op de knop [b:c12fcb4db1]Open the Misc Tools section[/b:c12fcb4db1], dan op de knop [b:c12fcb4db1]Open Uninstall Manager[/b:c12fcb4db1] en als laatse op de knop [b:c12fcb4db1]Save[/b:c12fcb4db1]).
  • Bedankt voor je snelle reactie , Ik weet niet hoe ik dit heb gedaan :? Ik wil graag verder met avg . Ik ga doen wat je zei en plaats zo een nieuwe log.
  • Tjemig, dan even het volgende, Norton deïnstalleer middels het Norton verwijdertool: http://service1.symantec.com/support/inter/tsgeninfointl.nsf/nl_docid/20050411155130924?OpenDocument&seg=hm&lg=nl&ct=nl Eset/Nod32 is lastig te verwijderen. Ga naar C\Program Files en open daar de map Eset/Nod32 en zoek daarin naar [b:d5bfe4483f]Uninstall.exe[/b:d5bfe4483f]. Klik of dubbelklik daarop! En AVG: dat moet opnieuw geïnstalleerd worden! Waarom overigens de keus voor een gratis antivirusprogramma dat rootkits wel kan ontdekken - maar niet kan verwijderen!
  • De scan van a-square is nog bezig ga die antivirus zo verwijderen kan dit geen kwaad ivm met de virussen . Welk antivirus raad jij me aan ?? Ik dacht dat die avg goed was maar niet dus. Ps: ik heb niet zo heel veel verstand van pc , ik leer alweer een hoop :wink:
  • Indien je de nummer één onder de gratis antivirussen wil hebben, dan ga je voor Avira Antivir, gecombinerd met de gratis firewal van ZoneAlarm. Dat is de basis voor een goed beveiligde Windows! De spywarescanner van Avira is zo goed, dat gebruikers van Vista en Windows 7 daardoor Windows Defender kunnen deaktiveren! Het enigste dat Avira niet heeft is een emailscanner; die heeft de betaalde versie wel! Sta je erop, dat er ook een emailscanner aanwezig is, dan is Avast voor Home een hele goede tweede keus in de gratis antivirusprogramma's! Maar ook deze combineren met de ZoneAlarm firewll! Want de XP-firewall blokkeert goed, maar alles wat jouw Windows uit wil, kan er ook uit! Dus trojans kunnen daardoor ongehinderd nieuwe malware downloaden! Zoals dat nu in jouw Windows gebeurt met dat Win32 cryptor virus!
  • Beste ik kan Eset/nod32 uninstall niet vinden ... Norton is verwijderd . Log Hijack: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 15:17:15, on 18/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\RTHDCPL.EXE C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\PAStiSvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.msi.com.tw O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://e-learning.lyreco.com/plugin/authorware/awswax65.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/f5tunsrv.cab#version=6020,2008,0212,2007 O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/vdeskctrl.cab#version=6020,2008,0212,2006 O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxshost.cab#version=6020,2008,0212,2006 O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxhost.cab#version=6020,2008,0212,2005 O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://66.98.196.24/DGTx.CAB O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 14894 bytes Log A-sqaured: a-squared Anti-Malware - Versie 4.5 Laatste Update: 18/12/2009 13:01:51 Scan instellingen: Scan type: N/A Objecten: Geheugen, Sporen, Cookies, C:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan starten: 18/12/2009 13:02:06 [964] C:\WINDOWS\system32\370B61\488DE0.EXE Ontdekt: Trojan-Dropper.Win32.Flystud!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\HtmlView.fne Ontdekt: HackTool.Win32.Patcher!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\shell.fne Ontdekt: Worm.SuspectCRC!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\dp1.fne Ontdekt: Trojan.Win32.Pakes!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\eAPI.fne Ontdekt: Worm.Generic!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\internet.fne Ontdekt: HackTool.Win32.Patcher!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\spec.fne Ontdekt: Win32.SuspectCrc!IK C:\DOCUME~1\miklo\LOCALS~1\Temp\E_N4\cnvpe.fne Ontdekt: Trojan.Peed!IK c:\program files\partygaming Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images\games Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\blackjack\blackjack Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partycasino\language\en_us\images\games\cardgames\multiplayerbj\multiplayerblackjack Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partypoker Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partypoker\images Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partypoker\language Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partypoker\language\en_us Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partypoker\language\en_us\articles Ontdekt: Trace.Directory.PartyPoker!A2 c:\program files\partygaming\partypoker\language\en_us\images Ontdekt: Trace.Directory.PartyPoker!A2 Value: HKEY_CLASSES_ROOT\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} --> AppID Ontdekt: Trace.Registry.dl.tvunetworks.com!A2 Value: HKEY_CLASSES_ROOT\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.dl.tvunetworks.com!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} --> AppID Ontdekt: Trace.Registry.dl.tvunetworks.com!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}\InprocServer32 --> ThreadingModel Ontdekt: Trace.Registry.dl.tvunetworks.com!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterBarButton Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterBarButton.1 Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterSettingsControl Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\AskTBar.PopSwatterSettingsControl.1 Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{09BD51AE-7E02-4916-9B12-647A92C02B7F} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{72FE8681-0BFA-471b-9B2A-B37ED68DD09E} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{83453071-3F9C-4ab0-BE30-EDA368D7976D} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BD04DAE2-8C1B-4cc5-9E06-22DE05C2EDA0} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\IMsiDe1egate.Application.1 Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{83453070-3F9C-4AB0-BE30-EDA368D7976D} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{FE063DBA-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{BD04DAE0-8C1B-4CC5-9E06-22DE05C2EDA0} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{FE063DB0-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Ext\PreApproved\{83453071-3F9C-4ab0-BE30-EDA368D7976D} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Ext\PreApproved\{FE063DBB-4EC0-403e-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2 Key: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Ontdekt: Trace.Registry.AskTBar!A2 c:\program files\partygaming\partycasino\gra.ini Ontdekt: Trace.File.PartyPoker!A2 c:\program files\partygaming\partycasino\partycasino.dll Ontdekt: Trace.File.PartyPoker!A2 c:\program files\partygaming\partycasino\sys.ini Ontdekt: Trace.File.PartyPoker!A2 c:\program files\partygaming\partypoker\language\en_us\articles\2.html Ontdekt: Trace.File.PartyPoker!A2 c:\program files\partygaming\partypoker\language\en_us\articles\4.html Ontdekt: Trace.File.PartyPoker!A2 c:\program files\partygaming\partypoker\language\en_us\articles\54708.html Ontdekt: Trace.File.PartyPoker!A2 c:\program files\partygaming\partypoker\usertab.txt Ontdekt: Trace.File.PartyPoker!A2 c:\windows\system32\configurescr.exe Ontdekt: Trace.File.Happy Happy Halloween Screen Saver!A2 c:\windows\system32\removescr.exe Ontdekt: Trace.File.Happy Happy Halloween Screen Saver!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 1 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 10 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 2 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 4 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 5 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 6 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 7 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> 9 Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> AdsLastKnownState Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> AppPath Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> BlackjackSounds Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> BlackjackVoice Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> DisableCharacters Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> DisableMouseHelp Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> EnableCallOuts Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> EnableCardAnimations Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> EnableCongratulations Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> EnableSounds Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> FourColourDeck Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> HHEnableLog Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> HHLogDays Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> HHLogSize Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> id Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> InitialPort Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> InstallState Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> MuckLosingHand Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> SearchHiding Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> SL Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> TableType Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming\PartyPoker --> useCount Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming --> AutoLoginToOtherGames Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming --> CFDialogShown Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming --> FreshInstall Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_USERS\S-1-5-21-527237240-2025429265-682003330-1003\Software\PartyGaming --> OldCFformat Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> ButtonText Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> CLSID Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Default Visible Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Exec Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> HotIcon Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Icon Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuStatusBar Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuText Ontdekt: Trace.Registry.PartyPoker!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Path Ontdekt: Trace.Registry.PartyPoker!A2 C:\Documents and Settings\miklo\Cookies\miklo@metriweb[1].txt Ontdekt: Trace.TrackingCookie.metriweb!A2 C:\Documents and Settings\miklo\Cookies\miklo@stat.onestat[2].txt Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\cnvpe.fne Ontdekt: Trojan.Peed!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\dp1.fne Ontdekt: Trojan.Win32.Pakes!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\eAPI.fne Ontdekt: Worm.Generic!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\HtmlView.fne Ontdekt: HackTool.Win32.Patcher!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\internet.fne Ontdekt: HackTool.Win32.Patcher!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\shell.fne Ontdekt: Worm.SuspectCRC!IK C:\Documents and Settings\miklo\Local Settings\Temp\E_N4\spec.fne Ontdekt: Win32.SuspectCrc!IK C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP627\A0111859.exe Ontdekt: Riskware.Crack.Sim3!IK C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP627\A0111862.exe Ontdekt: Riskware.Crack.Sim3!IK C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP641\A0114965.DLL Ontdekt: Riskware.AdTool.Win32.MyWebSearch.az!A2 C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP641\A0114966.DLL Ontdekt: Adware.Win32.AskTBar!A2 C:\WINDOWS\system32\370B61\488DE0.EXE Ontdekt: Trojan-Dropper.Win32.Flystud!IK C:\WINDOWS\system32\6510BA\cnvpe.fne Ontdekt: Trojan.Peed!IK C:\WINDOWS\system32\6510BA\dp1.fne Ontdekt: Trojan.Win32.Pakes!IK C:\WINDOWS\system32\6510BA\eAPI.fne Ontdekt: Worm.Generic!IK C:\WINDOWS\system32\6510BA\HtmlView.fne Ontdekt: HackTool.Win32.Patcher!IK C:\WINDOWS\system32\6510BA\internet.fne Ontdekt: HackTool.Win32.Patcher!IK C:\WINDOWS\system32\6510BA\krnln.fnr Ontdekt: Trojan-PWS.Lineage!IK C:\WINDOWS\system32\6510BA\RegEx.fnr Ontdekt: Trojan.Win32.AutoRun!IK C:\WINDOWS\system32\6510BA\shell.fne Ontdekt: Worm.SuspectCRC!IK C:\WINDOWS\system32\6510BA\spec.fne Ontdekt: Win32.SuspectCrc!IK Gescand Bestanden: 211187 Avg staat er nog op moet ik die nu verwijderen??
  • Unistall list Hijack: 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9 - Nederlands Apple Mobile Device Support Apple Software Update a-squared Anti-Malware 4.5 Athan Basic 3.6 AVG 8.5
  • Nod32 is verwijderd volgens mij gewoon via software en dan uninstall.
  • Wel, heb je al besloten welke antivirus je nu gaat gebruiken, want AVG is ook verminkt, wat ook niet moeilijk is met dat antivirusprogramma! Verder blijkt, dat je al eerder een crack/dan wel keygen hebt gebruikt. Ik joop dat het je inmiddels duidelijk is, dat juist deze tools ervoor zorgen, dat je Windows geïnfecteerd raakt, welke antivirus je ook gebruikt! Start HijackThis opnieuw en kies voor [b:93cd3059ed]Scan only[/b:93cd3059ed], nadat je een vinkje hebt gezet voor de met de onderstaand corresponderende regels, klik je vervolgens op de knop [b:93cd3059ed]Fix checked[/b:93cd3059ed]: O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\miklo\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) klik tevens op de knop [b:93cd3059ed]Open the Misc Tools section[/b:93cd3059ed], dan op de knop [b:93cd3059ed]Delete a file upon reboot[/b:93cd3059ed]; navigeer dan C:\Program Files\Eset en klik in die map op [b:93cd3059ed]nod32krn.exe[/b:93cd3059ed] Herstart dus je computer! Vervolgens ga je naar Start/Uitvoeren en typ je [b:93cd3059ed]services.msc[/b:93cd3059ed] In het venster Services ga je op zoek naar de Eset-vermeldingen! Telkens erop dubbelklikken en bij Opstarttype kiezen voor Uitgeschakeld. Dit telkens bevestigen met Toepassen en OK. Herstart weer je PC en verwijder daarna in Program Files de map Eset! Gebruik het AVG verwijdertool: http://www.avg.com/nl-nl/download-tools Post na al het bovenstaande gedaan te hebben een nieuw HJT-log!
  • Ik heb avg verwijderd en rest ook heb nu Avira en Zonealarm geinstaleerd. Log hjt; ogfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 16:39:34, on 18/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\CheckPoint\ZAForceField\ForceField.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\RTHDCPL.EXE C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\HPZipm12.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: 488DE0.lnk = C:\WINDOWS\system32\370B61\488DE0.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.msi.com.tw O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://e-learning.lyreco.com/plugin/authorware/awswax65.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/f5tunsrv.cab#version=6020,2008,0212,2007 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/vdeskctrl.cab#version=6020,2008,0212,2006 O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxshost.cab#version=6020,2008,0212,2006 O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vpnportal.detelefoongids.nl/vdesk/terminal/urxhost.cab#version=6020,2008,0212,2005 O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://66.98.196.24/DGTx.CAB O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 14633 bytes
  • Hallo miklo3000, het begint er nu waarlijk goed uit te zien! Ik neem aan, dat je PC inmiddels ook sneller is geworden? Start HijackThis opnieuw en kies voor [b:c8a23caa99]Scan only[/b:c8a23caa99], nadat je een vinkje hebt gezet voor de met de onderstaand corresponderende regel, klik je vervolgens op de knop [b:c8a23caa99]Fix checked[/b:c8a23caa99]: O4 - HKLM\..\Run: [Graphic Update] C:\DOCUME~1\miklo\LOCALS~1\Temp\msnplus.exe Start Avira op en laat Aviira je hele systeem scannen en post dan het log daarvan!
  • Heb het bestandje in Hjy verwijderd nadat avira liep . Avira AntiVir Personal Report file date: vrijdag 18 december 2009 17:11 Scanning for 1456781 virus strains and unwanted programs. Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows XP Windows version : (Service Pack 3) [5.1.2600] Boot mode : Normally booted Username : SYSTEM Computer name : KABOUTER-0E4FC1 Version information: BUILD.DAT : 9.0.0.418 21723 Bytes 02/12/2009 16:28:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:26:33 AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49 LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 06:35:52 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 14:59:29 VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 14:59:29 VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 14:59:29 VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 14:59:29 VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 14:59:29 VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 14:59:29 VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 14:59:29 VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 14:59:29 VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 14:59:29 VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 14:59:29 VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 14:59:29 VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 14:59:29 VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 14:59:29 VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 14:59:30 VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 14:59:30 VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 14:59:30 VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 14:59:30 VBASE018.VDF : 7.10.1.248 2048 Bytes 15/12/2009 14:59:30 VBASE019.VDF : 7.10.1.249 2048 Bytes 15/12/2009 14:59:30 VBASE020.VDF : 7.10.1.250 2048 Bytes 15/12/2009 14:59:30 VBASE021.VDF : 7.10.1.251 2048 Bytes 15/12/2009 14:59:30 VBASE022.VDF : 7.10.1.252 2048 Bytes 15/12/2009 14:59:30 VBASE023.VDF : 7.10.1.253 2048 Bytes 15/12/2009 14:59:30 VBASE024.VDF : 7.10.1.254 2048 Bytes 15/12/2009 14:59:30 VBASE025.VDF : 7.10.1.255 2048 Bytes 15/12/2009 14:59:30 VBASE026.VDF : 7.10.2.0 2048 Bytes 15/12/2009 14:59:31 VBASE027.VDF : 7.10.2.1 2048 Bytes 15/12/2009 14:59:31 VBASE028.VDF : 7.10.2.2 2048 Bytes 15/12/2009 14:59:31 VBASE029.VDF : 7.10.2.3 2048 Bytes 15/12/2009 14:59:31 VBASE030.VDF : 7.10.2.4 2048 Bytes 15/12/2009 14:59:31 VBASE031.VDF : 7.10.2.20 155136 Bytes 18/12/2009 14:59:31 Engineversion : 8.2.1.114 AEVDF.DLL : 8.1.1.2 106867 Bytes 08/11/2009 06:38:52 AESCRIPT.DLL : 8.1.3.3 586106 Bytes 18/12/2009 14:59:33 AESCN.DLL : 8.1.3.0 127348 Bytes 18/12/2009 14:59:33 AESBX.DLL : 8.1.1.1 246132 Bytes 08/11/2009 06:38:44 AERDL.DLL : 8.1.3.4 479605 Bytes 18/12/2009 14:59:32 AEPACK.DLL : 8.2.0.3 422261 Bytes 08/11/2009 06:38:40 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 08/11/2009 06:38:38 AEHEUR.DLL : 8.1.0.186 2183544 Bytes 18/12/2009 14:59:32 AEHELP.DLL : 8.1.9.0 237943 Bytes 18/12/2009 14:59:31 AEGEN.DLL : 8.1.1.81 369014 Bytes 18/12/2009 14:59:31 AEEMU.DLL : 8.1.1.0 393587 Bytes 08/11/2009 06:38:26 AECORE.DLL : 8.1.9.1 180598 Bytes 18/12/2009 14:59:31 AEBB.DLL : 8.1.0.3 53618 Bytes 08/11/2009 06:38:20 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59 AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:14:02 AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28 AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 09:32:09 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:21:33 NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 09:32:10 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58 RCTEXT.DLL : 9.0.73.0 86785 Bytes 13/10/2009 11:25:47 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, Process scan........................: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Deviating risk categories...........: +JOKE,+PCK,+PFS, Start of the scan: vrijdag 18 december 2009 17:11 Starting search for hidden objects. '94402' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'wlcomm.exe' - '1' Module(s) have been scanned Scan process 'hpqste08.exe' - '1' Module(s) have been scanned Scan process 'DATALA~1.EXE' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned Scan process 'daemon.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'Athan.exe' - '1' Module(s) have been scanned Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned Scan process 'HookManager.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned Scan process 'dthtml.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'LAUNCH~1.EXE' - '1' Module(s) have been scanned Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned Scan process 'VTTimer.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned Scan process 'SeaPort.exe' - '1' Module(s) have been scanned Scan process 'PSIService.exe' - '1' Module(s) have been scanned Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'jqs.exe' - '1' Module(s) have been scanned Scan process 'DTSRVC.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'a2service.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ForceField.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'ISWSVC.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'vsmon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 52 processes with 52 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '70' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! [NOTE] This file is a Windows system file. [NOTE] This file cannot be opened for scanning. C:\Documents and Settings\miklo\Mijn documenten\zaSetup_91_007_002_en.exe [0] Archive type: ZIP SFX (self extracting) --> SWITCHUNINST_44ZONE LABS.EXE [1] Archive type: RSRC --> WINDOWS6.0-KB929547-V2-X64.MSU [1] Archive type: CAB (Microsoft) --> Windows6.0-KB929547-v2-x64.cab [WARNING] No further files can be extracted from this archive. The archive will be closed C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP642\A0115050.EXE [DETECTION] Is the TR/Dropper.Gen Trojan C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! Beginning disinfection: C:\System Volume Information\_restore{A0586B10-2657-4F09-A9B5-9D089CCC23ED}\RP642\A0115050.EXE [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] The file was moved to '4b5cb573.qua'! End of the scan: vrijdag 18 december 2009 18:00 Used time: 48:22 Minute(s) The scan has been done completely. 7826 Scanned directories 300674 Files were scanned 1 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 1 Files were moved to quarantine 0 Files were renamed 2 Files cannot be scanned 300671 Files not concerned 1835 Archives were scanned 3 Warnings 2 Notes 94402 Objects were scanned with rootkit scan 0 Hidden objects were found Ik zal hem nog een keer laten scannen plaats die log ook . echt hartstikke bedankt voor uw hulp . :D
  • Hallo miklo, eerst wat anders, mijn vermoeden is wat dat betreft bevestigt. Je moet namelijk nu eerst de systeemherstelpunten opschonen! Klik daarvoor met rechts op [b:1ba3f3899a]Deze computer [/b:1ba3f3899a]en kies [b:1ba3f3899a]Eigenschappen[/b:1ba3f3899a]. Klik op de tab [b:1ba3f3899a]Systeemherstel[/b:1ba3f3899a] en schakel [b:1ba3f3899a]Systeemherstel[/b:1ba3f3899a] uit. [COLOR="Navy"]Herstart je computer, daardoor worden alle herstelpunten, waaronder ook de vervuilde, gewist.[/COLOR] Na herstart via dezelfde weg Systeemherstel weer inschakelen. Zo nodig kan je dan via [b:1ba3f3899a]Start[/b:1ba3f3899a]>[b:1ba3f3899a]Alle Programma's[/b:1ba3f3899a]>[b:1ba3f3899a]Bureau-accessoires[/b:1ba3f3899a]>[b:1ba3f3899a]Systeemwerkset[/b:1ba3f3899a]>[b:1ba3f3899a][COLOR="navy"]Systeemherstel[/COLOR][/b:1ba3f3899a] een nieuw herstelpunt maken!
  • Avira AntiVir Personal Report file date: vrijdag 18 december 2009 18:48 Scanning for 1456781 virus strains and unwanted programs. Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows XP Windows version : (Service Pack 3) [5.1.2600] Boot mode : Normally booted Username : SYSTEM Computer name : KABOUTER-0E4FC1 Version information: BUILD.DAT : 9.0.0.418 21723 Bytes 02/12/2009 16:28:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:26:33 AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49 LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 06:35:52 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 14:59:29 VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 14:59:29 VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 14:59:29 VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 14:59:29 VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 14:59:29 VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 14:59:29 VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 14:59:29 VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 14:59:29 VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 14:59:29 VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 14:59:29 VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 14:59:29 VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 14:59:29 VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 14:59:29 VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 14:59:30 VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 14:59:30 VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 14:59:30 VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 14:59:30 VBASE018.VDF : 7.10.1.248 2048 Bytes 15/12/2009 14:59:30 VBASE019.VDF : 7.10.1.249 2048 Bytes 15/12/2009 14:59:30 VBASE020.VDF : 7.10.1.250 2048 Bytes 15/12/2009 14:59:30 VBASE021.VDF : 7.10.1.251 2048 Bytes 15/12/2009 14:59:30 VBASE022.VDF : 7.10.1.252 2048 Bytes 15/12/2009 14:59:30 VBASE023.VDF : 7.10.1.253 2048 Bytes 15/12/2009 14:59:30 VBASE024.VDF : 7.10.1.254 2048 Bytes 15/12/2009 14:59:30 VBASE025.VDF : 7.10.1.255 2048 Bytes 15/12/2009 14:59:30 VBASE026.VDF : 7.10.2.0 2048 Bytes 15/12/2009 14:59:31 VBASE027.VDF : 7.10.2.1 2048 Bytes 15/12/2009 14:59:31 VBASE028.VDF : 7.10.2.2 2048 Bytes 15/12/2009 14:59:31 VBASE029.VDF : 7.10.2.3 2048 Bytes 15/12/2009 14:59:31 VBASE030.VDF : 7.10.2.4 2048 Bytes 15/12/2009 14:59:31 VBASE031.VDF : 7.10.2.20 155136 Bytes 18/12/2009 14:59:31 Engineversion : 8.2.1.114 AEVDF.DLL : 8.1.1.2 106867 Bytes 08/11/2009 06:38:52 AESCRIPT.DLL : 8.1.3.3 586106 Bytes 18/12/2009 14:59:33 AESCN.DLL : 8.1.3.0 127348 Bytes 18/12/2009 14:59:33 AESBX.DLL : 8.1.1.1 246132 Bytes 08/11/2009 06:38:44 AERDL.DLL : 8.1.3.4 479605 Bytes 18/12/2009 14:59:32 AEPACK.DLL : 8.2.0.3 422261 Bytes 08/11/2009 06:38:40 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 08/11/2009 06:38:38 AEHEUR.DLL : 8.1.0.186 2183544 Bytes 18/12/2009 14:59:32 AEHELP.DLL : 8.1.9.0 237943 Bytes 18/12/2009 14:59:31 AEGEN.DLL : 8.1.1.81 369014 Bytes 18/12/2009 14:59:31 AEEMU.DLL : 8.1.1.0 393587 Bytes 08/11/2009 06:38:26 AECORE.DLL : 8.1.9.1 180598 Bytes 18/12/2009 14:59:31 AEBB.DLL : 8.1.0.3 53618 Bytes 08/11/2009 06:38:20 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59 AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:14:02 AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28 AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 09:32:09 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:21:33 NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 09:32:10 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58 RCTEXT.DLL : 9.0.73.0 86785 Bytes 13/10/2009 11:25:47 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, Process scan........................: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Deviating risk categories...........: +JOKE,+PCK,+PFS, Start of the scan: vrijdag 18 december 2009 18:48 Starting search for hidden objects. '94499' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'wlcomm.exe' - '1' Module(s) have been scanned Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'hpqste08.exe' - '1' Module(s) have been scanned Scan process 'DATALA~1.EXE' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned Scan process 'daemon.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'Athan.exe' - '1' Module(s) have been scanned Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned Scan process 'HookManager.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned Scan process 'dthtml.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'LAUNCH~1.EXE' - '1' Module(s) have been scanned Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned Scan process 'VTTimer.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned Scan process 'SeaPort.exe' - '1' Module(s) have been scanned Scan process 'PSIService.exe' - '1' Module(s) have been scanned Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'jqs.exe' - '1' Module(s) have been scanned Scan process 'DTSRVC.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'a2service.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ForceField.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'ISWSVC.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'vsmon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 54 processes with 54 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '70' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! [NOTE] This file is a Windows system file. [NOTE] This file cannot be opened for scanning. C:\Documents and Settings\miklo\Mijn documenten\zaSetup_91_007_002_en.exe [0] Archive type: ZIP SFX (self extracting) --> SWITCHUNINST_44ZONE LABS.EXE [1] Archive type: RSRC --> WINDOWS6.0-KB929547-V2-X64.MSU [1] Archive type: CAB (Microsoft) --> Windows6.0-KB929547-v2-x64.cab [WARNING] No further files can be extracted from this archive. The archive will be closed C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! End of the scan: vrijdag 18 december 2009 19:44 Used time: 55:12 Minute(s) The scan has been done completely. 7463 Scanned directories 289648 Files were scanned 0 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 2 Files cannot be scanned 289646 Files not concerned 1816 Archives were scanned 3 Warnings 1 Notes 94499 Objects were scanned with rootkit scan 0 Hidden objects were found Dit is het log van de laatste scan , heb de systeem herstel punten gewist.
  • Wel, ik denk dat jouw Windows weer helemaal onder jouw controle staat! Zijn er nog problemen?
  • nope alles lijkt weer in orde en de pc vliegt weer als van ouds !! :D Nogmaals heel erg bedankt zonder uw hulp was het zeker einde pc geweest .

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.