AvSuitE and more

29 replies
  • Hello, could someone check a HijackThis log? I have also attached an MBAM log.
    The laptop has been hit by AvSuitE /vsbntlo.exe and more.
    These should already be gone, if all is well.
    Thanks in advance
    _______________
    MBAM LOG

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Databaseversie: 4504

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18928

    30-8-2010 1:26:08
    mbam-log-2010-08-30 (01-26-08).txt

    Scantype: Snelle scan
    Objecten gescand: 133153
    Verstreken tijd: 7 minuut/minuten, 44 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 1
    Registerwaarden geïnfecteerd: 3
    Registerdata geïnfecteerd: 1
    Mappen geïnfecteerd: 1
    Bestanden geïnfecteerd: 2

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_CURRENT_USER\Software\AVSolution (Trojan.Agent) -> No action taken.

    Registerwaarden geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.AutoRun) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> No action taken.

    Registerdata geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-4858527220-0116039963-129586598-7277\mgrls32.exe) Good: (Explorer.exe) -> No action taken.

    Mappen geïnfecteerd:
    C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> No action taken.

    Bestanden geïnfecteerd:
    C:\Windows\system32\Drivers\oasfyqon.sys (Rootkit.Bubnix) -> No action taken.
    C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> No action taken.

    __________________

    HIJACKTHIS LOG

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:43:40, on 31-8-2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18943)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\rundll32.exe
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Users\Harald\AppData\Local\Temp\RtkBtMnt.exe
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Windows\system32\conime.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll eNetHook.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


    End of file - 10962 bytes
  • Hello MissyDelani, it looks like you forgot to use MBAM's remove button!

    And is the SpyHunter 4 Service shareware?
    Then uninstall it!


    Let Combofix scan your Windows (click).
    How to use Combofix properly (click)
    - To be able to use Combofix, the following applies:
    - Vista and Windows 7 users start Combofix with Administrator rights!
  • Hello, thanks for the quick reply,
    I did not forget to use the remove button, wrong log,
    so here is the "right" one. I had used Spyhunter for the free scanner, but if you want to do more with it then it is indeed "buy", so should I just remove it then??


    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Databaseversie: 4504

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18928

    30-8-2010 1:26:28
    mbam-log-2010-08-30 (01-26-28).txt

    Scantype: Snelle scan
    Objecten gescand: 133153
    Verstreken tijd: 7 minuut/minuten, 44 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 1
    Registerwaarden geïnfecteerd: 3
    Registerdata geïnfecteerd: 1
    Mappen geïnfecteerd: 1
    Bestanden geïnfecteerd: 2

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_CURRENT_USER\Software\AVSolution (Trojan.Agent) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.AutoRun) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Quarantined and deleted successfully.

    Registerdata geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-4858527220-0116039963-129586598-7277\mgrls32.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:
    C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    C:\Windows\system32\Drivers\oasfyqon.sys (Rootkit.Bubnix) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
  • Yes, just remove it and then run ComboFix!
  • Spyhunter removed… ran combofix… AVG disabled, but I did get a message from combofix that it was still active… :S

    log



    ComboFix 10-08-31.01 - Harald 01-09-2010 0:28.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.893 [GMT 2:00]
    Gestart vanuit: c:\users\Harald\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\%appdata%

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2010-07-28 to 2010-08-31 ))))))))))))))))))))))))))))))
    .

    2010-08-31 22:36 . 2010-08-31 22:41 ——– d—–w- c:\users\Harald\AppData\Local\temp
    2010-08-31 22:36 . 2010-08-31 22:36 ——– d—–w- c:\users\Default\AppData\Local\temp
    2010-08-31 01:41 . 2010-08-31 01:41 ——– d—–w- c:\program files\Trend Micro
    2010-08-30 02:24 . 2010-08-30 02:24 ——– d—–w- c:\program files\Enigma Software Group
    2010-08-30 02:24 . 2010-08-31 21:55 ——– d—–w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
    2010-08-30 02:24 . 2010-08-30 02:24 ——– d—–w- c:\program files\Common Files\Wise Installation Wizard
    2010-08-29 22:48 . 2010-08-29 22:48 ——– d—–w- c:\users\Harald\AppData\Roaming\Malwarebytes
    2010-08-29 22:48 . 2010-04-29 13:39 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-29 22:48 . 2010-08-29 22:48 ——– d—–w- c:\programdata\Malwarebytes
    2010-08-29 22:48 . 2010-08-29 23:26 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-29 22:48 . 2010-04-29 13:39 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-29 19:58 . 2010-08-29 19:58 ——– d—–w- c:\users\Harald\AppData\Roaming\AVG9
    2010-08-29 18:09 . 2010-08-30 02:02 ——– d—–w- c:\windows\system32\MpEngineStore
    2010-08-29 18:00 . 2010-06-11 16:16 274944 —-a-w- c:\windows\system32\schannel.dll
    2010-08-29 18:00 . 2010-06-21 13:37 2037760 —-a-w- c:\windows\system32\win32k.sys
    2010-08-29 18:00 . 2010-06-16 16:04 905088 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-29 18:00 . 2010-06-08 17:35 3600768 —-a-w- c:\windows\system32\ntkrnlpa.exe
    2010-08-29 18:00 . 2010-06-08 17:35 3548040 —-a-w- c:\windows\system32\ntoskrnl.exe
    2010-08-29 18:00 . 2010-06-18 17:31 36864 —-a-w- c:\windows\system32\rtutils.dll
    2010-08-29 17:59 . 2010-06-18 15:04 302080 —-a-w- c:\windows\system32\drivers\srv.sys
    2010-08-29 17:59 . 2010-06-18 15:04 144896 —-a-w- c:\windows\system32\drivers\srv2.sys
    2010-08-29 17:59 . 2010-06-11 16:15 1248768 —-a-w- c:\windows\system32\msxml3.dll
    2010-08-29 17:59 . 2010-05-27 20:08 81920 —-a-w- c:\windows\system32\iccvid.dll
    2010-08-29 17:21 . 2010-08-29 17:21 12536 —-a-w- c:\windows\system32\avgrsstx.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-31 01:41 . 2010-08-31 01:41 388096 —-a-r- c:\users\Harald\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-29 18:03 . 2007-04-18 19:28 ——– d—–w- c:\programdata\Microsoft Help
    2010-08-29 17:21 . 2010-08-29 17:21 242896 —-a-w- c:\programdata\avg9\update\backup\avgtdix.sys
    2010-08-29 17:21 . 2010-08-29 17:21 216200 —-a-w- c:\programdata\avg9\update\backup\avgldx86.sys
    2010-08-29 17:21 . 2009-02-06 18:55 243024 —-a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-08-29 17:20 . 2008-07-05 18:55 216400 —-a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-08-29 17:16 . 2008-03-22 18:52 ——– d—–w- c:\program files\CCleaner
    2010-08-29 16:58 . 2010-08-29 16:58 813336 —-a-w- c:\programdata\avg9\update\backup\avginet.dll
    2010-08-29 16:58 . 2010-08-29 16:58 624920 —-a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
    2010-08-29 16:58 . 2010-08-29 16:58 1690464 —-a-w- c:\programdata\avg9\update\backup\avgupd.dll
    2010-08-29 16:58 . 2010-08-29 16:58 1038688 —-a-w- c:\programdata\avg9\update\backup\avgupd.exe
    2010-08-29 16:23 . 2007-12-09 16:19 13072 —-a-w- c:\users\Harald\AppData\Roaming\nvModes.dat
    2010-08-21 20:30 . 2009-12-24 06:10 ——– d—–w- c:\users\Harald\AppData\Roaming\SolSuite
    2010-08-17 17:55 . 2008-07-05 18:55 ——– d—–w- c:\program files\AVG
    2010-08-17 17:35 . 2009-02-16 01:18 ——– d—–w- c:\users\Harald\AppData\Roaming\Apple Computer
    2010-08-17 17:28 . 2007-04-18 19:11 ——– d—–w- c:\program files\Common Files\Symantec Shared
    2010-07-13 21:14 . 2008-05-31 21:12 ——– d—–w- c:\program files\Google
    2010-06-26 06:05 . 2010-08-29 18:01 916480 —-a-w- c:\windows\system32\wininet.dll
    2010-06-26 06:02 . 2010-08-29 18:01 71680 —-a-w- c:\windows\system32\iesetup.dll
    2010-06-26 06:02 . 2010-08-29 18:01 109056 —-a-w- c:\windows\system32\iesysprep.dll
    2010-06-26 04:25 . 2010-08-29 18:01 133632 —-a-w- c:\windows\system32\ieUnatt.exe
    2010-06-22 20:15 . 2010-06-22 20:15 501936 —-a-w- c:\programdata\Google\Google Toolbar\Update\gtbA594.tmp.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-10-16 11:12 1119488 —-a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-13 39408]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
    "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-17 151552]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-06 90191]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-06 7770112]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-06 81920]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
    "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-29 2065760]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
    "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-07-13 126976]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

    c:\users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-4-18 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\windows\System32\eNetHook.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2010-06-20 02:04 35760 —-a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-04-28 13:06 142120 —-a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2006-10-23 19:00 815104 —-a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):53,fc,cd,b7,47,28,ca,01

    R1 fhampkio;fhampkio;c:\windows\system32\drivers\fhampkio.sys [x]
    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-08-29 216400]
    S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-08-29 243024]
    S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-08-29 921952]
    S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-29 308136]

    .
    Inhoud van de 'Gedeelde Taken' map

    2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:34]

    2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:34]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://nl.intl.acer.yahoo.com
    uInternet Settings,ProxyServer = http=127.0.0.1:80
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    .
    - - - - ORPHANS VERWIJDERD - - - -

    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    HKCU-Run-Acer Tour Reminder - (no file)
    HKLM-Run-Acer Tour - (no file)
    HKLM-Run-eRecoveryService - (no file)
    MSConfigStartUp-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe
    MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
    MSConfigStartUp-osCheck - c:\program files\Norton Internet Security\osCheck.exe
    MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-09-01 00:42
    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    MsnMsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'Explorer.exe'(4420)
    c:\windows\system32\MsnChatHook.dll
    c:\windows\system32\ShowErrMsg.dll
    c:\windows\system32\sysenv.dll
    c:\windows\system32\BatchCrypto.dll
    c:\windows\system32\CryptoAPI.dll
    c:\windows\system32\keyManager.dll
    c:\acer\Empowering Technology\EPOWER\SysHook.dll
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
    c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
    c:\program files\AVG\AVG9\avgnsx.exe
    c:\acer\Empowering Technology\eNet\eNet Service.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\acer\Mobility Center\MobilityService.exe
    c:\program files\CyberLink\Shared Files\RichVideo.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\system32\DRIVERS\xaudio.exe
    c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
    c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
    c:\program files\AVG\AVG9\avgchsvx.exe
    c:\program files\AVG\AVG9\avgrsx.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    c:\acer\Empowering Technology\ePower\ePowerSvc.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\windows\system32\conime.exe
    c:\windows\RtHDVCpl.exe
    c:\program files\Launch Manager\LManager.exe
    c:\program files\AVG\AVG9\avgtray.exe
    c:\windows\System32\rundll32.exe
    c:\windows\servicing\TrustedInstaller.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\ehome\ehmsas.exe
    c:\acer\Empowering Technology\ENET\ENMTRAY.EXE
    c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
    c:\program files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2010-09-01 00:47:26 - machine werd herstart
    ComboFix-quarantined-files.txt 2010-08-31 22:47

    Pre-Run: 4.739.678.208 bytes beschikbaar
    Post-Run: 4.755.099.648 bytes beschikbaar

    - - End Of File - - 14E17A510906BC861B5D49D9345890A9



  • Hello MissyDelani, you may do the following:

    Open a new Notepad file
    (Start > All Programs > Accessories > Notepad).
    Copy and paste the following (bold, blue text) into the empty Notepad window:

  • I got that message again that antivirus was active, while both Windows and AVG reported being switched off...

    New log:

    ComboFix 10-08-31.02 - Harald 01-09-2010 16:36:02.2.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.798 [GMT 2:00]
    Gestart vanuit: c:\users\Harald\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Harald\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCall.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla17.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla18.exe
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla19.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla2.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla20.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla21.dll
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseCustomCalla21.exe
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP\WiseData.ini

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2010-08-01 to 2010-09-01 ))))))))))))))))))))))))))))))
    .

    2010-09-01 16:38 . 2010-09-01 16:38 -------- d-----w- c:\users\Harald\AppData\Local\temp
    2010-09-01 16:38 . 2010-09-01 16:38 -------- d-----w- c:\users\Public\AppData\Local\temp
    2010-09-01 16:38 . 2010-09-01 16:38 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-08-31 01:41 . 2010-08-31 01:41 388096 ----a-r- c:\users\Harald\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-31 01:41 . 2010-08-31 01:41 -------- d-----w- c:\program files\Trend Micro
    2010-08-30 02:24 . 2010-08-30 02:24 -------- d-----w- c:\program files\Enigma Software Group
    2010-08-30 02:24 . 2010-08-30 02:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-08-29 22:48 . 2010-08-29 22:48 -------- d-----w- c:\users\Harald\AppData\Roaming\Malwarebytes
    2010-08-29 22:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-29 22:48 . 2010-08-29 22:48 -------- d-----w- c:\programdata\Malwarebytes
    2010-08-29 22:48 . 2010-08-29 23:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-29 22:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-29 19:58 . 2010-08-29 19:58 -------- d-----w- c:\users\Harald\AppData\Roaming\AVG9
    2010-08-29 18:09 . 2010-08-30 02:02 -------- d-----w- c:\windows\system32\MpEngineStore
    2010-08-29 18:00 . 2010-06-11 16:16 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-08-29 18:00 . 2010-06-21 13:37 2037760 ----a-w- c:\windows\system32\win32k.sys
    2010-08-29 18:00 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-29 18:00 . 2010-06-08 17:35 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-08-29 18:00 . 2010-06-08 17:35 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-08-29 18:00 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
    2010-08-29 17:59 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-29 17:59 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-08-29 17:59 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2010-08-29 17:59 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
    2010-08-29 17:21 . 2010-08-29 17:21 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
    2010-08-29 17:21 . 2010-08-29 17:21 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys
    2010-08-29 17:21 . 2010-08-29 17:21 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-08-29 16:58 . 2010-08-29 16:58 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
    2010-08-29 16:58 . 2010-08-29 16:58 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
    2010-08-29 16:58 . 2010-08-29 16:58 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
    2010-08-29 16:58 . 2010-08-29 16:58 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-29 18:03 . 2007-04-18 19:28 -------- d-----w- c:\programdata\Microsoft Help
    2010-08-29 17:21 . 2009-02-06 18:55 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-08-29 17:20 . 2008-07-05 18:55 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-08-29 17:16 . 2008-03-22 18:52 -------- d-----w- c:\program files\CCleaner
    2010-08-29 16:23 . 2007-12-09 16:19 13072 ----a-w- c:\users\Harald\AppData\Roaming\nvModes.dat
    2010-08-21 20:30 . 2009-12-24 06:10 -------- d-----w- c:\users\Harald\AppData\Roaming\SolSuite
    2010-08-17 17:55 . 2008-07-05 18:55 -------- d-----w- c:\program files\AVG
    2010-08-17 17:35 . 2009-02-16 01:18 -------- d-----w- c:\users\Harald\AppData\Roaming\Apple Computer
    2010-08-17 17:28 . 2007-04-18 19:11 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2010-07-13 21:14 . 2008-05-31 21:12 -------- d-----w- c:\program files\Google
    2010-06-26 06:05 . 2010-08-29 18:01 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-26 06:02 . 2010-08-29 18:01 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-06-26 06:02 . 2010-08-29 18:01 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-06-26 04:25 . 2010-08-29 18:01 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-06-22 20:15 . 2010-06-22 20:15 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA594.tmp.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-10-16 11:12 1119488 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-13 39408]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    "Acer Tour Reminder"="" [BU]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
    "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-17 151552]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-06 90191]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-06 7770112]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-06 81920]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
    "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-29 2065760]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
    "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-07-13 126976]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

    c:\users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-4-18 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\windows\System32\eNetHook.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-04-28 13:06 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2006-10-23 19:00 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):53,fc,cd,b7,47,28,ca,01

    R1 fhampkio;fhampkio;c:\windows\system32\drivers\fhampkio.sys [x]
    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-08-29 216400]
    S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-08-29 243024]
    S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-08-29 921952]
    S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-29 308136]

    .
    Inhoud van de 'Gedeelde Taken' map

    2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:34]

    2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:34]
    .
    .
    ------- Bijkomende Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://nl.intl.acer.yahoo.com
    uInternet Settings,ProxyServer = http=127.0.0.1:80
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-09-01 18:38
    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    MsnMsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Voltooingstijd: 2010-09-01 18:41:07
    ComboFix-quarantined-files.txt 2010-09-01 16:41
    ComboFix2.txt 2010-08-31 22:47

    Pre-Run: 4.807.487.488 bytes beschikbaar
    Post-Run: 4.795.744.256 bytes beschikbaar

    - - End Of File - - F7F5A6DB8600FBA08DBA51453C1BA8F2



  • Hello MissyDelani, how is your Windows doing by now? Please give an update.
  • Hello, I don't really notice anything else anymore... but I can no longer get on the internet over cable; in Device Manager I have 2 exclamation marks under network adapters.
    1st code - This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

    2nd code - This device cannot start. (Code 10)


    http://a.imageshack.us/img713/387/naamloos1lv.jpg
  • Go to the Network and Sharing Center in Vista.
    In the left column you will find the entry Manage network connections - click on it.

    Right-click Local Area Connection and choose Enable.

    Possibly the two devices that are not working now will then work again!
  • I had already looked everywhere here... everything is set correctly and is enabled...
  • And does your wired internet connection work again now?
  • No, still the same... those exclamation marks in Device Manager and no internet via LAN...
  • Go to the Network and Sharing Center and double-click there on the cross through the connection to the internet!

    Follow the instructions!
  • Hello, I had already done all of this, without success... I looked into a few things myself and now it works again...

    Do I still need to do anything further with HijackThis or ComboFix? Thanks,
  • It seems best to me that you do indeed run ComboFix again!

    If you get a message that the tool wants to update or that you need to download a newer version, allow that or do so.
  • Here is the new log.

    ComboFix 10-09-07.01 - Harald 07-09-2010 23:00:12.3.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.789 [GMT 2:00]
    Gestart vanuit: c:\users\Harald\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2010-08-07 to 2010-09-07 ))))))))))))))))))))))))))))))
    .

    2010-09-07 21:09 . 2010-09-07 21:09 -------- d-----w- c:\users\Public\AppData\Local\temp
    2010-09-07 21:09 . 2010-09-07 21:09 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-09-07 20:47 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-09-07 20:47 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2010-09-07 20:46 . 2010-09-07 20:46 -------- d-----w- c:\program files\iPod
    2010-09-07 20:46 . 2010-09-07 20:47 -------- d-----w- c:\program files\iTunes
    2010-09-07 20:43 . 2010-09-07 20:43 -------- d-----w- c:\program files\QuickTime
    2010-09-07 20:41 . 2010-09-07 20:41 -------- d-----w- c:\windows\LastGood
    2010-09-07 20:39 . 2010-09-07 20:39 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe
    2010-09-01 19:22 . 2010-09-01 19:22 -------- d-----w- c:\program files\Common Files\Java
    2010-09-01 19:22 . 2010-09-01 19:21 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-01 19:21 . 2010-09-01 19:21 -------- d-----w- c:\program files\Java
    2010-09-01 16:41 . 2010-09-07 21:09 -------- d-----w- c:\users\Harald\AppData\Local\temp
    2010-08-31 01:41 . 2010-08-31 01:41 388096 ----a-r- c:\users\Harald\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-31 01:41 . 2010-08-31 01:41 -------- d-----w- c:\program files\Trend Micro
    2010-08-30 02:24 . 2010-08-30 02:24 -------- d-----w- c:\program files\Enigma Software Group
    2010-08-30 02:24 . 2010-08-30 02:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-08-29 22:48 . 2010-08-29 22:48 -------- d-----w- c:\users\Harald\AppData\Roaming\Malwarebytes
    2010-08-29 22:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-29 22:48 . 2010-08-29 22:48 -------- d-----w- c:\programdata\Malwarebytes
    2010-08-29 22:48 . 2010-08-29 23:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-29 22:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-29 19:58 . 2010-08-29 19:58 -------- d-----w- c:\users\Harald\AppData\Roaming\AVG9
    2010-08-29 18:09 . 2010-08-30 02:02 -------- d-----w- c:\windows\system32\MpEngineStore
    2010-08-29 18:00 . 2010-06-11 16:16 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-08-29 18:00 . 2010-06-21 13:37 2037760 ----a-w- c:\windows\system32\win32k.sys
    2010-08-29 18:00 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-29 18:00 . 2010-06-08 17:35 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-08-29 18:00 . 2010-06-08 17:35 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-08-29 18:00 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
    2010-08-29 17:59 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-29 17:59 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-08-29 17:59 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2010-08-29 17:59 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
    2010-08-29 17:21 . 2010-08-29 17:21 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
    2010-08-29 17:21 . 2010-08-29 17:21 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys
    2010-08-29 17:21 . 2010-08-29 17:21 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-08-29 16:58 . 2010-08-29 16:58 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll
    2010-08-29 16:58 . 2010-08-29 16:58 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe
    2010-08-29 16:58 . 2010-08-29 16:58 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
    2010-08-29 16:58 . 2010-08-29 16:58 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-07 20:46 . 2009-02-16 01:11 -------- d-----w- c:\program files\Common Files\Apple
    2010-09-07 20:30 . 2008-08-31 06:55 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-09-07 20:26 . 2007-12-09 16:19 13072 ----a-w- c:\users\Harald\AppData\Roaming\nvModes.dat
    2010-09-02 18:37 . 2008-07-05 21:39 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-08-29 18:03 . 2007-04-18 19:28 -------- d-----w- c:\programdata\Microsoft Help
    2010-08-29 17:21 . 2009-02-06 18:55 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-08-29 17:20 . 2008-07-05 18:55 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-08-29 17:16 . 2008-03-22 18:52 -------- d-----w- c:\program files\CCleaner
    2010-08-21 20:30 . 2009-12-24 06:10 -------- d-----w- c:\users\Harald\AppData\Roaming\SolSuite
    2010-08-17 17:55 . 2008-07-05 18:55 -------- d-----w- c:\program files\AVG
    2010-08-17 17:35 . 2009-02-16 01:18 -------- d-----w- c:\users\Harald\AppData\Roaming\Apple Computer
    2010-08-17 17:28 . 2007-04-18 19:11 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2010-07-13 21:14 . 2008-05-31 21:12 -------- d-----w- c:\program files\Google
    2010-06-26 06:05 . 2010-08-29 18:01 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-26 06:02 . 2010-08-29 18:01 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-06-26 06:02 . 2010-08-29 18:01 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-06-26 04:25 . 2010-08-29 18:01 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-06-22 20:15 . 2010-06-22 20:15 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA594.tmp.exe
    .

    ((((((((((((((((((((((((((((( SnapShot@2010-09-01_16.38.29 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2010-09-07 20:47 . 2009-05-18 11:17 26600 c:\windows\System32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
    - 2009-09-22 17:03 . 2009-05-18 12:17 26600 c:\windows\System32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
    + 2010-04-19 18:47 . 2010-04-19 18:47 41984 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_bd0865d8\usbaapl.sys
    + 2010-06-03 23:30 . 2010-09-01 20:49 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
    - 2010-06-03 23:30 . 2010-06-03 23:30 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
    + 2010-09-07 20:25 . 2010-09-07 20:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2010-09-01 14:14 . 2010-09-01 14:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2010-09-01 14:14 . 2010-09-01 14:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2010-09-07 20:25 . 2010-09-07 20:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2010-09-01 19:22 . 2010-09-01 19:21 153376 c:\windows\System32\javaws.exe
    + 2010-09-01 19:22 . 2010-09-01 19:21 145184 c:\windows\System32\javaw.exe
    + 2010-09-01 19:22 . 2010-09-01 19:21 145184 c:\windows\System32\java.exe
    - 2009-09-22 17:03 . 2008-04-17 11:12 107368 c:\windows\System32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
    + 2010-09-07 20:47 . 2008-04-17 10:12 107368 c:\windows\System32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
    + 2010-09-07 20:41 . 2010-09-07 20:41 807936 c:\windows\Installer\ecb3d.msi
    + 2010-09-01 19:22 . 2010-09-01 19:22 180224 c:\windows\Installer\11955fb.msi
    + 2010-09-01 19:21 . 2010-09-01 19:21 677376 c:\windows\Installer\11955f5.msi
    + 2010-09-07 20:47 . 2010-09-07 20:47 380928 c:\windows\Installer\{350FB27C-CF62-4EF3-AF9D-70FF313FE221}\iTunesIco.exe
    + 2010-04-19 18:47 . 2010-04-19 18:47 3062048 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_bd0865d8\usbaaplrc.dll
    + 2010-09-07 20:47 . 2010-09-07 20:47 6478336 c:\windows\Installer\ed703.msi
    + 2010-09-07 20:43 . 2010-09-07 20:43 9472000 c:\windows\Installer\ecf06.msi
    + 2010-09-07 20:41 . 2010-09-07 20:41 3084800 c:\windows\Installer\ecbd4.msi
    + 2010-09-01 20:48 . 2010-09-01 20:48 20303872 c:\windows\Installer\397b80.msp
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-10-16 11:12 1119488 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-13 39408]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    "Acer Tour Reminder"="" [BU]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
    "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-17 151552]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-06 90191]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-06 7770112]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-06 81920]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
    "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-29 2065760]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-07-13 126976]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

    c:\users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-4-18 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\windows\System32\eNetHook.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-09-01 06:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2006-10-23 19:00 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):53,fc,cd,b7,47,28,ca,01

    R1 fhampkio;fhampkio;c:\windows\system32\drivers\fhampkio.sys [x]
    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-08-29 216400]
    S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-08-29 243024]
    S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-08-29 921952]
    S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-29 308136]

    .
    Inhoud van de 'Gedeelde Taken' map

    2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:34]

    2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:34]
    .
    .
    ------- Bijkomende Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://nl.intl.acer.yahoo.com
    uInternet Settings,ProxyServer = http=127.0.0.1:80
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-09-07 23:09
    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    MsnMsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'Explorer.exe'(4120)
    c:\windows\system32\MsnChatHook.dll
    c:\windows\system32\ShowErrMsg.dll
    c:\windows\system32\sysenv.dll
    c:\windows\system32\BatchCrypto.dll
    c:\windows\system32\CryptoAPI.dll
    c:\windows\system32\keyManager.dll
    .
    Voltooingstijd: 2010-09-07 23:12:20
    ComboFix-quarantined-files.txt 2010-09-07 21:12
    ComboFix2.txt 2010-09-01 16:41
    ComboFix3.txt 2010-08-31 22:47

    Pre-Run: 4.559.503.360 bytes beschikbaar
    Post-Run: 4.601.876.480 bytes beschikbaar

    - - End Of File - - 14199C218878113446A50AED02A2D700



  • Hello MissyDelani, how is your Windows doing by now?


    Restart MBAM.
    - First click the 'Update' tab.
    - Then click the 'Controleer op updates' (Check for updates) button.
    - If a new version of MBAM is offered, accept it.
    - After MBAM has been updated, first run the update cycle again.
    - Then choose 'Snelle Scan' (Quick scan).

    - When the scan is complete, click the 'OK' button.
    - Then click the 'Bekijk Resultaten' (Show results) button to see the results.
    - Make sure everything is ticked.
    - Then click 'Verwijder geselecteerde' (Remove selected).
    - After removal a log will open and you will be asked to restart the computer.

    - The log is saved automatically by MBAM, and you can find it by clicking the 'Logs' tab in MBAM.

    - If MBAM has trouble removing certain files it will show a few messages; click 'OK' each time!
    - After that MBAM will ask to restart the computer, so allow the computer to be restarted.


    After this, post the contents of the following logs:
    - a new HijackThis log
    - the MBAM scan log
    Also post an uninstall list:
    - start HijackThis,
    - click the Open the Misc Tools section button,
    - click the Open Uninstall Manager button,
    - click the Save button.
  • Hi, I haven't noticed anything else since…

    Here is the MBAM log already; the other 2 are on their way :)

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Databaseversie: 4594

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943

    11-9-2010 19:15:49
    mbam-log-2010-09-11 (19-15-49).txt

    Scantype: Snelle scan
    Objecten gescand: 135735
    Verstreken tijd: 8 minuut/minuten, 8 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
  • HijackThis logs

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:20:09, on 11-9-2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18943)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Windows\ehome\ehmsas.exe
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Users\Harald\AppData\Local\Temp\RtkBtMnt.exe
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll C:\Windows\System32\eNetHook.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


    End of file - 10554 bytes

    _____________________________________________



    Acer Arcade Deluxe
    Acer eDataSecurity Management
    Acer eLock Management
    Acer Empowering Technology
    Acer eNet Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Acer Mobility Center Plug-In
    Acer ScreenSaver
    Acer Tour
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4 - Nederlands
    Adobe Shockwave Player 11.5
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG Free 9.0
    Bonjour
    CCleaner
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Web Player
    Extensie voor Windows Live Toolbar (Windows Live Toolbar)
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    HDAUDIO Soft Data Fax Modem with SmartCP
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Huur- en zorgtoeslag 2010
    iPhone-configuratieprogramma
    iTunes
    Java(TM) 6 Update 21
    Junk Mail filter update
    Launch Manager
    Malwarebytes' Anti-Malware
    Markeringviewer (Windows Live Toolbar)
    Messenger Plus! Live
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.3
    Microsoft Office OneNote MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MobileMe Control Panel
    MSVC80_x86_v2
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nokia Connectivity Cable Driver
    NTI Backup NOW! 4.7
    NTI CD & DVD-Maker
    NVIDIA Drivers
    OGA Notifier 2.0.0048.0
    OpenOffice.org Installer 1.0
    PC Connectivity Solution
    PowerProducer
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    Smart Menu's (Windows Live Toolbar)
    Spelling Dictionaries Support For Adobe Reader 9
    Synaptics Pointing Device Driver
    System Requirements Lab
    Texas Instruments PCIxx21/x515/xx12 drivers.
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office OneNote 2007 (KB980729)
    VC80CRTRedist - 8.0.50727.762
    VirtualCloneDrive
    Vista Codec Package
    Windows Live - Hulpprogramma voor uploaden
    Windows Live aanmeldhulp
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Favorites voor Windows Live Toolbar
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Writer
    Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    WinRAR archiver

This is an archived page. Replying is no longer possible.