Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

melding corrupt

None
9 antwoorden
  • hallo ,nu is de beurt aan de pc van mijn vader,deze geeft steeds een melding imvu corrupt need fixt oid het programma is al verwijdert ,wie kan ons helpen hier een hijackthis log.



    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:52:13 AM, on 2/10/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
    C:\Users\250926\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [EEventManager] C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe"
    un
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: IMVU.lnk = 250926\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: c:\progra~2\bandoo\bndhook.dll
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~2\Bandoo\Bandoo.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32
    vvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64
    vSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12152 bytes
  • Hoi kloassie, er schijnt wel wat mer aan de hand te zijn met de PC van jouw vader!


    [b:f54d1c14bc]Te gebruiken programma's[/b:f54d1c14bc]
    [list:f54d1c14bc][*:f54d1c14bc]Trend Micro [b:f54d1c14bc]Hijack This Versie 2.0.4[/b:f54d1c14bc]
    [*:f54d1c14bc]Microsoft [b:f54d1c14bc]Malicious Software Removal Tool[/b:f54d1c14bc]
    [*:f54d1c14bc] Malwarebytes [b:f54d1c14bc]MBAM[/b:f54d1c14bc]
    [*:f54d1c14bc][b:f54d1c14bc]TFC[/b:f54d1c14bc] (The File Cleaner)[/list:u:f54d1c14bc]

    [b:f54d1c14bc]Downloaden - maar nog niet installeren - download de setups naar je bureaublad[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc]Microsoft [b:f54d1c14bc]Malicious Software Removal Tool[/b:f54d1c14bc] - download en meer informatie vindt je [b:f54d1c14bc]hier[/b:f54d1c14bc]
    [*:f54d1c14bc]Download [b:f54d1c14bc]Malwarebytes MBAM[/b:f54d1c14bc] via één van deze locaties: [b:f54d1c14bc]Download.com[/b:f54d1c14bc], [b:f54d1c14bc]Softpedia.com[/b:f54d1c14bc] of [b:f54d1c14bc]Majorgeeks.com[/b:f54d1c14bc]
    [*:f54d1c14bc]Download [b:f54d1c14bc]TFC[/b:f54d1c14bc] [b:f54d1c14bc]hier[/b:f54d1c14bc][/list:u:f54d1c14bc]

    [b:f54d1c14bc]Belangrijk[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc]Vista- en Windows 7 gebruik(st)ers installeren en starten alle gebruikte tools middels rechtsklikken en dan kiezen voor Als Administrator uitvoeren.[/list:u:f54d1c14bc]

    [b:f54d1c14bc]Stap •1•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Welk programma[/b:f54d1c14bc]: Windows Defender
    [b:f54d1c14bc]Waarvoor/waarom[/b:f54d1c14bc]: Spywarescanner - dient gedeaktiveerd te worden, zodat het tool geen invloed heeft op de fix!
    [b:f54d1c14bc]Moeilijkheidsgraad[/b:f54d1c14bc]: geen.
    [list:f54d1c14bc][*:f54d1c14bc] Open Windows Defender en Klik vervolgens op "Tools".
    [*:f54d1c14bc] Klik "General Settings" of "Options".
    [*:f54d1c14bc] Scroll naar "Real Time Protection Options"
    [*:f54d1c14bc] Haal het vinkje weg bij "Turn on Real Time Protection (recommended)" > Klik "Save"
    [*:f54d1c14bc]Sluit Windows Defender (als de fix klaar is, kan je het tool weer aanzetten)[/list:u:f54d1c14bc]
    [b:f54d1c14bc]Stap •2•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Welk programma[/b:f54d1c14bc]: Trend Micro [b:f54d1c14bc]Hijack This Versie 2.0.4[/b:f54d1c14bc]
    [b:f54d1c14bc]Wat doen[/b:f54d1c14bc]: fix

    [b:f54d1c14bc]Belangrijk[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc]Sluit alle openstaande programma en webvenstersvensters - behalve dit webvenster, dat je sluit voor het moment, dat je op de knop [b:f54d1c14bc]Fix checked[/b:f54d1c14bc] in Hijack This gaat klikken![/list:u:f54d1c14bc]
    [b:f54d1c14bc]Hijack This opstarten[/b:f54d1c14bc]:
    Windows 2000 en Windows XP: start HijackThis middels dubbelklik op de snelkoppeling en klik in het hoofdmenu danop de knop [b:f54d1c14bc]Do a Scan only.[/b:f54d1c14bc]
    Windows Vista en Windows 7: start HijackThis middels rechtsklik op de snelkoppeling en kies dan voor "Uitvoeren als administrator" en klik in het hoofdmenu dan op de knop [b:f54d1c14bc]Do a Scan only.[/b:f54d1c14bc]

    [b:f54d1c14bc]Werkwijze[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc]Zet een vinkje voor die regel(s) welke met de onderstaand vermelde regels corresponderen.
    [*:f54d1c14bc]Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:f54d1c14bc]Fix checked[/b:f54d1c14bc][/list:u:f54d1c14bc][b:f54d1c14bc]
    O4 - Startup: IMVU.lnk = 250926\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
    O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~2\Bandoo\Bandoo.exe[/b:f54d1c14bc]

    [b:f54d1c14bc]Bovenstaande gedaan[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc]Hierna hierna HijackThis afgesloten worden.[/list:u:f54d1c14bc]
    [list:f54d1c14bc][*:f54d1c14bc][b:f54d1c14bc] Start de computer na de fix opnieuw op[/b:f54d1c14bc][/list:u:f54d1c14bc]
    [b:f54d1c14bc]Stap •3•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Programma deïnstalleren[/b:f54d1c14bc]:
    Ga naar Configuratiescherm\Programma's en onderdelen en verwijder daar [b:f54d1c14bc]Bandoo[/b:f54d1c14bc]

    [b:f54d1c14bc]Stap •4•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Welk programma[/b:f54d1c14bc]: Microsoft [b:f54d1c14bc]Malicious Software Removal Tool[/b:f54d1c14bc]
    [b:f54d1c14bc]Waarvoor/waarom[/b:f54d1c14bc]: scant op specifieke besmettingen in Windows.

    [b:f54d1c14bc]Opmerking[/b:f54d1c14bc]: indien de te behandelen Windows een Windows XP - ServicePack 2 versie betreft, dan wordt deze Windows niet meer ondersteund door Microsoft.
    Gevolg: het [b:f54d1c14bc]Malicious Software Removal Tool[/b:f54d1c14bc] is dan of niet meer aktueel of niet meer aanwezig.
    Dit kan opgelost worden door het tool te downloaden en te installeren, waarna het tool de scan start!

    [b:f54d1c14bc]Het Malicious Software Removal Tool gaan gebruiken[/b:f54d1c14bc]:

    In Windows XP:
    [list:f54d1c14bc][*:f54d1c14bc]Ga naar 'Start/Uitvoeren' en typ in de opdrachtregel [b:f54d1c14bc]mrt[/b:f54d1c14bc]; klik vervolgens op 'OK'.
    [*:f54d1c14bc]Laat de instelling op Snelle scan staan en kies scannen![/list:u:f54d1c14bc]

    In Windows Vista en Windows 7:
    [list:f54d1c14bc][*:f54d1c14bc]Typ in de zoekregel direkt boven de Startknop [b:f54d1c14bc]mrt[/b:f54d1c14bc].
    [*:f54d1c14bc]Bovenaan het startmenu klik je vervolgens met rechts op de snelkoppeling van 'mrt.exe' en kies je voor Uitvoeren als administrator.
    [*:f54d1c14bc]Laat de instelling op Snelle scan staan en kies scannen![/list:u:f54d1c14bc]
    [b:f54d1c14bc]Stap •5•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Welk programma[/b:f54d1c14bc]: Malwarebytes MBAM
    [b:f54d1c14bc]Waarvoor/waarom[/b:f54d1c14bc]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
    [b:f54d1c14bc]Moeilijkheidsgraad[/b:f54d1c14bc]: geen.

    [b:f54d1c14bc]Allereerst[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
    [*:f54d1c14bc] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'![/list:u:f54d1c14bc]
    [b:f54d1c14bc]Malwarebytes MBAM opstarten[/b:f54d1c14bc]:
    Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling.
    Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.

    [b:f54d1c14bc]Scannen[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
    [*:f54d1c14bc]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
    [*:f54d1c14bc]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.
    [b:f54d1c14bc]Infecties gevonden[/b:f54d1c14bc]:
    [list[*:f54d1c14bc]Klik nu eerst op OK om de melding weg te klikken
    [*:f54d1c14bc]Klik vervolgens rechtsonder op de knop Bekijk resultaten.
    [*:f54d1c14bc]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
    [*:f54d1c14bc]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
    [*:f54d1c14bc]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
    [*:f54d1c14bc]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:f54d1c14bc]
    [b:f54d1c14bc]MBAM-Log[/b:f54d1c14bc]:
    [list:f54d1c14bc][*:f54d1c14bc] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:f54d1c14bc]
    [b:f54d1c14bc]Stap •6•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Welk programma[/b:f54d1c14bc]: [b:f54d1c14bc]TFC[/b:f54d1c14bc] (The File Cleaner)
    [b:f54d1c14bc]Waarvoor/waarom[/b:f54d1c14bc]: cleaner
    [b:f54d1c14bc]Moeilijkheidsgraad[/b:f54d1c14bc]: geen.

    [b:f54d1c14bc]Uitvoeren[/b:f54d1c14bc]:
    Belangrijk: gebruikers van Windows Vista en Windows 7 starten het tool middels rechtsklik en daarbij dan kiezend voor Als Administrator uitvoeren!
    [list:f54d1c14bc][*:f54d1c14bc] Klik/dubbelklik op [b:f54d1c14bc]TFC.exe[/b:f54d1c14bc] om het programma te starten.
    [*:f54d1c14bc] Niet schrikken - het tool sluit alle lopende programma's - ergo: verzeker je dus ervan, dat al je werk is opgeslagen!
    [*:f54d1c14bc] Vervolgens klik je op de knop [b:f54d1c14bc]Start[/b:f54d1c14bc] om de scan te starten. Deze scan kan kort of langer duren, wees geduldig en laat TFC zijn taak doen en wacht to TFC klaaar is.
    [*:f54d1c14bc] Indien TFC klaar is, dan komt de melding dat de computer opnieuw opgestart wordt.
    [*:f54d1c14bc] Gebeurt het afsluiten niet automatisch, start dan zelf de computer opnieuw op.
    [*:f54d1c14bc] Noot: TFC vertoont geen log![/list:u:f54d1c14bc]
    [b:f54d1c14bc]Stap •7•[/b:f54d1c14bc][/color:f54d1c14bc]

    [b:f54d1c14bc]Als laatste post je aansluitend de inhoud van de volgende logs:[/b:f54d1c14bc]
    [list:f54d1c14bc][*:f54d1c14bc] een nieuw Hijackthis-log (via de kleurcodeerder)
    [*:f54d1c14bc] MBAM scanlog[/list:u:f54d1c14bc]
    Tevens een Uninstall-lijst posten:
    [list:f54d1c14bc][*:f54d1c14bc] start HijackThis,
    [*:f54d1c14bc] klik op de knop Open the Misc Tools section,
    [*:f54d1c14bc] klik op de knop Open Uninstall Manager,
    [*:f54d1c14bc] Klik op de knop Save.[/list:u:f54d1c14bc]

    Verder mag je ook vermelden of het Microsoft Malicious Software Removal Tool iets verwijderd heeft.
  • bedankt weer voor je hulp klasse.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:55:23 AM, on 2/10/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
    C:\Users\250926\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0
    pwinext.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [EEventManager] C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe"
    un
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32
    vvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64
    vSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12135 bytes


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 5728

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    2/10/2011 10:47:08 AM
    mbam-log-2011-02-10 (10-47-08).txt

    Scantype: Snelle scan
    Objecten gescand: 166904
    Verstreken tijd: 3 minuut/minuten, 45 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)



    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    Aangifte inkomstenbelasting 2009
    ABBYY FineReader 6.0 Sprint
    Acrobat.com
    Adobe AIR
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Elements 7.0
    Adobe Photoshop Elements 7.0
    Adobe Photoshop Elements 7.0
    Adobe Reader X
    Adobe Reader X - Nederlands
    Advertising Center
    Alice Greenfingers
    Amazonia
    ArcSoft PhotoImpression 5
    avast! Free Antivirus
    Bing Bar
    Bing Bar Platform
    C@shflow V3.4
    Canon MP Navigator EX 2.0
    Canon MP540 series User Registration
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities My Printer
    Canon Utilities Solution Menu
    Chicken Invaders 2
    Compatibiliteitspakket voor het 2007 Microsoft Office system
    D3DX10
    Dairy Dash
    Dream Day First Home
    EPSON Attach To Email
    EPSON Copy Utility 3
    EPSON Event Manager
    EPSON File Manager
    EPSON Image Clip Palette
    EPSON Scan
    EPSON Scan Assistant
    Farm Frenzy 2
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    Granny In Paradise
    GVOX Encore 32 v4.5
    Heroes of Hellas
    Identity Card
    Inkjet Printer/Scanner Extended Survey Program
    Java(TM) 6 Update 22
    Junk Mail filter update
    Malwarebytes' Anti-Malware
    McAfee Security Scan Plus
    Merriam Websters Spell Jam
    Mesh Runtime
    Messenger Companion
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (Dutch) 2007
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office Groove MUI (Dutch) 2007
    Microsoft Office InfoPath MUI (Dutch) 2007
    Microsoft Office Language Pack 2007 - Dutch/Nederlands
    Microsoft Office Live Add-in 1.5
    Microsoft Office O MUI (Dutch) 2007
    Microsoft Office OneNote MUI (Dutch) 2007
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office PowerPoint Viewer 2007 (Dutch)
    Microsoft Office Professional 2007
    Microsoft Office Professional 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (Dutch) 2007
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
    Microsoft Office SharePoint Designer MUI (Dutch) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Office X MUI (Dutch) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero 9 Essentials
    Nero ControlCenter
    Nero ControlCenter
    Nero DiscSpeed
    Nero DiscSpeed Help
    Nero DriveSpeed
    Nero DriveSpeed Help
    Nero Express Help
    Nero InfoTool
    Nero InfoTool Help
    Nero Installer
    Nero Online Upgrade
    Nero StartSmart
    Nero StartSmart Help
    Nero StartSmart OEM
    NeroExpress
    neroxml
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    Packard Bell GameZone Console
    Packard Bell InfoCentre
    Packard Bell Photo Frame 4.2.3.10
    Packard Bell Recovery Management
    Packard Bell Registration
    Packard Bell ScreenSaver
    Packard Bell Software Suite SE
    Packard Bell Updater
    Perf3490P_3590P Gebruik.handl.
    PhotoScape
    Presto! BizCard 4.1 Eng
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.91
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Star Defender 4
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Outlook 2007 Junk Email Filter (KB2492475)
    Update voor Microsoft Office Excel 2007 Help (KB963678)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
    Update voor Microsoft Office Word 2007 Help (KB963665)
    Welcome Center
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh
    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    Windows Live Messenger
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer Resources
    Zylom Games Player Plugin

    en de msr tool heeft niets verwijdert.
  • ik moet helaas weg nu ga er morgen of zaterdag mee verder,en nogmaals bedankt.
  • Hoi kloassie, laat de rest maar achterwege en ga het volgende doen, want ik vertrouw het niet, dat MBAM en MRT niks gevonden hebben!


    B]Welk programma: ComboFix
    [b:61cb34bda3]Waarvoor/waarom[/b:61cb34bda3]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen.
    [b:61cb34bda3]Moeilijkheidsgraad[/b:61cb34bda3]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:61cb34bda3]Downloadlokatie[/b:61cb34bda3]: Dit programma absoluut naar het bureaublad downloaden!
    [b:61cb34bda3]Download ComboFix via één van deze locaties[/b:61cb34bda3]:
    [list:61cb34bda3][*:61cb34bda3][b:61cb34bda3]Bleepingcomputer[/b:61cb34bda3]
    [*:61cb34bda3][b:61cb34bda3]ForoSpyware[/b:61cb34bda3]
    [*:61cb34bda3][b:61cb34bda3]Geekstogo[/b:61cb34bda3][/list:u:61cb34bda3]
    [b:61cb34bda3]Hier[/b:61cb34bda3] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:61cb34bda3]Hier[/b:61cb34bda3] en [b:61cb34bda3]hier[/b:61cb34bda3] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:61cb34bda3]Voor alle duidelijkheid nogmaals[/b:61cb34bda3]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:61cb34bda3]Opmerkingen[/b:61cb34bda3]:
    [list:61cb34bda3][*:61cb34bda3] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
    [*:61cb34bda3]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
    [*:61cb34bda3]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:61cb34bda3]
    [b:61cb34bda3]ComboFix is opgestart[/b:61cb34bda3]:
    [list:61cb34bda3][*:61cb34bda3]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:61cb34bda3]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:61cb34bda3]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:61cb34bda3]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:61cb34bda3]Post de inhoud van dit logbestand in je volgende bericht.
    [*:61cb34bda3]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:61cb34bda3]
    [b:61cb34bda3]Belangrijke opmerking[/b:61cb34bda3]:
    [list:61cb34bda3][*:61cb34bda3][b:61cb34bda3]Indien er een error wordt getoond met de melding: [/color:61cb34bda3]Illegal operation attempted on a registery key that has been marked for deletion.[/color:61cb34bda3] - start dan de computer opnieuw op.[/color:61cb34bda3][/b:61cb34bda3][/list:u:61cb34bda3]
  • zo was er weer hier de combofix log




    ComboFix 11-02-09.05 - 250926 02/11/2011 10:52:53.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1043.18.4095.2587 [GMT 1:00]
    Running from: c:\users\250926\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\250926\AppData\Local\Temp\9CAE.tmp
    c:\users\250926\AppData\Roaming\.#

    .
    ((((((((((((((((((((((((( Files Created from 2011-01-11 to 2011-02-11 )))))))))))))))))))))))))))))))
    .

    2011-02-11 09:56 . 2011-02-11 09:56 ——– d—–w- c:\users\Default\AppData\Local\temp
    2011-02-11 08:58 . 2011-01-13 10:20 7844688 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FED5C644-88F2-4D96-8BE8-478C806FD9BF}\mpengine.dll
    2011-02-10 09:43 . 2011-02-10 09:43 ——– d—–w- c:\users\250926\AppData\Roaming\Malwarebytes
    2011-02-10 09:43 . 2011-02-10 09:43 ——– d—–w- c:\programdata\Malwarebytes
    2011-02-10 09:43 . 2010-12-20 17:09 38224 —-a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-02-10 09:43 . 2011-02-10 09:43 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-02-10 09:43 . 2010-12-20 17:08 24152 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-02-10 08:35 . 2011-02-10 08:35 ——– d—–w- c:\program files (x86)\VS Revo Group
    2011-01-18 18:29 . 2011-01-18 18:29 ——– d—–w- c:\users\250926\AppData\Roaming\ArcSoft
    2011-01-18 18:24 . 2006-10-12 23:00 95232 —-a-w- c:\windows\system32\esxwia52.dll
    2011-01-18 18:24 . 2006-08-06 23:00 161280 —-a-w- c:\windows\system32\esxuin52.dll
    2011-01-18 18:24 . 2006-03-09 23:00 4608 —-a-w- c:\windows\system32\esxwiaml.dll
    2011-01-18 18:24 . 2005-04-13 23:00 64000 —-a-w- c:\windows\system32\esfw52.bin
    2011-01-18 17:35 . 2011-01-18 17:35 ——– d—–w- c:\users\250926\AppData\Local\NewSoft
    2011-01-18 17:24 . 2011-01-18 19:53 ——– d—–w- c:\users\250926\AppData\Roaming\EPSON
    2011-01-18 17:19 . 2002-07-25 16:06 282624 —-a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\agent.exe
    2011-01-18 17:14 . 2011-01-18 17:15 ——– d—–w- c:\program files (x86)\ABBYY FineReader 6.0 Sprint
    2011-01-18 17:14 . 2003-09-19 14:45 21248 —-a-w- c:\windows\SysWow64\drivers\pfc.sys
    2011-01-18 17:13 . 1995-08-01 03:44 212480 —-a-w- c:\windows\PCDLIB32.DLL
    2011-01-18 17:13 . 2011-01-18 17:13 ——– d—–w- c:\program files (x86)\ArcSoft
    2011-01-18 17:13 . 2001-09-05 03:18 77824 —-a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2011-01-18 17:13 . 2001-09-05 03:18 225280 ——w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2011-01-18 17:13 . 2001-09-05 03:14 176128 ——w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2011-01-18 17:13 . 2001-09-05 03:13 32768 ——w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2011-01-18 17:12 . 2011-01-18 17:12 163972 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
    2011-01-18 17:12 . 2003-02-27 15:12 696320 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
    2011-01-18 17:12 . 2002-12-05 13:10 155648 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
    2011-01-18 17:12 . 2002-12-02 14:22 5632 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
    2011-01-18 17:12 . 2002-12-02 12:33 57344 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
    2011-01-18 17:12 . 2002-12-02 12:33 237568 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
    2011-01-18 17:12 . 2011-01-18 17:12 282756 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
    2011-01-18 17:12 . 2005-06-01 03:10 495616 —-a-w- c:\windows\SysWow64\PICSDK2.dll
    2011-01-18 17:12 . 2005-06-01 02:10 77824 —-a-w- c:\windows\SysWow64\PICEntry.dll
    2011-01-18 17:12 . 2005-05-31 23:10 73728 —-a-w- c:\windows\SysWow64\PICSDK.dll
    2011-01-18 17:12 . 2004-03-03 05:10 65536 —-a-w- c:\windows\SysWow64\EPPicMgr.dll
    2011-01-18 17:12 . 2004-03-03 05:10 114688 —-a-w- c:\windows\SysWow64\EpPicPrt.dll
    2011-01-18 17:11 . 2011-01-18 17:11 184452 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
    2011-01-18 17:11 . 2003-09-03 01:28 724992 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
    2011-01-18 17:11 . 2003-09-03 01:27 69715 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
    2011-01-18 17:11 . 2003-09-03 01:26 266240 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
    2011-01-18 17:11 . 2003-09-03 01:26 192512 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
    2011-01-18 17:11 . 2003-09-03 01:25 5632 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
    2011-01-18 17:11 . 2011-01-18 17:11 311428 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
    2011-01-18 17:08 . 2011-01-18 17:17 ——– d—–w- c:\program files (x86)\epson
    2011-01-18 17:08 . 2010-01-05 23:00 262144 —-a-w- c:\windows\SysWow64\esint52.dll
    2011-01-18 17:08 . 2005-04-13 23:00 64000 —-a-w- c:\windows\SysWow64\esfw52.bin
    2011-01-18 17:08 . 2005-04-13 23:00 180224 —-a-w- c:\windows\SysWow64\eswia52.dll
    2011-01-13 23:24 . 2011-01-13 08:47 237168 —-a-w- c:\windows\system32\aswBoot.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-01-13 08:47 . 2010-06-29 18:33 38848 —-a-w- c:\windows\avastSS.scr
    2011-01-13 08:47 . 2010-02-17 13:19 188216 —-a-w- c:\windows\SysWow64\aswBoot.exe
    2011-01-13 08:41 . 2010-02-17 13:20 273488 —-a-w- c:\windows\system32\drivers\aswSP.sys
    2011-01-13 08:40 . 2010-02-17 13:20 51792 —-a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-01-13 08:37 . 2010-02-17 13:20 29264 —-a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-01-13 08:37 . 2010-02-17 13:20 62032 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-01-13 08:37 . 2010-02-17 13:20 20560 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2001-10-24 21:32 . 2010-01-20 21:08 3138073 —-a-w- c:\program files\setupe45.EXE
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-15 39408]
    "Software Suite SE"="c:\program files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" [2009-07-28 2353184]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Packard Bell Photo Frame"="c:\program files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe" [2009-07-20 124416]
    "EEventManager"="c:\program files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 102400]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer5"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
    S1 aswSP;aswSP; [x]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
    S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-06-04 1150496]
    S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64
    vSCPAPISvr.exe [2009-06-10 232960]
    S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers
    vhda64v.sys [2009-06-26 83488]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]

    .
    Contents of the 'Scheduled Tasks' folder

    2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 11:20]

    2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 11:20]
    .

    ——— x86-64 ———–


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-16 7883296]
    "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-16 1833504]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 16333856]
    "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ——- Supplementary Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.packardbell.com
    dr.aspx?b=ACPW&l=0409&m=ixtreme_m3720&r=173612090406p03f5x175y48l19231
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)


    .
    ——————— LOCKED REGISTRY KEYS ———————

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Other Running Processes ————————
    .
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    .
    **************************************************************************
    .
    Completion time: 2011-02-11 11:01:01 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-02-11 10:01

    Pre-Run: 440,999,206,912 bytes beschikbaar
    Post-Run: 440,571,191,296 bytes beschikbaar

    - - End Of File - - 9E7870EDB393ECDB04B07B24C1F845F1
  • Hoi kloassie, hoe gaat het inmiddels met de PC van jouw vader?
  • hoi,de pc draait inmiddels weer goed heb de psi ook geinstalleerd en gaat goed nu.

    nogmaals bedankt
  • Dan hoop ik dat je vader weer plezier heeft van zijn PC en graag gedaan.

    Alleen moet er nog wat opgeruimd worden:

    ComboFix mag nu verwijderd worden:
    [list:b28c6fdcf4][*:b28c6fdcf4] ga daarvoor naar Start - Uitvoeren
    [*:b28c6fdcf4] kopieer en plak hierin het volgende: [b:b28c6fdcf4]Combofix /Uninstall[/b:b28c6fdcf4]
    [*:b28c6fdcf4] klik daarna op [b:b28c6fdcf4]OK[/b:b28c6fdcf4].
    [*:b28c6fdcf4] indien het goed is, krijg je vervolgens een melding, dat Combofix verwijderd werd.[/list:u:b28c6fdcf4]

    Voorbeeld:

    [img:b28c6fdcf4]http://home.kpn.nl/stefsmeenk/CFUninstall.PNG[/img:b28c6fdcf4]

    Uitvoeren kan ook gestart worden door de toetsencombinatie [img:b28c6fdcf4]http://home.kpn.nl/stefsmeenk/W+R.jpg[/img:b28c6fdcf4]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.