Vraag & Antwoord

Beveiliging & privacy

Windows defender,windows updater en AVG niet meer updaten

Anoniem
None
11 antwoorden
 • Klik met je rechtermuisknop op hijackthis.exe en klik op uitvoeren als administrator.
  en kies voor 'do a system scan only'
  Selecteer alleen de items die hieronder zijn genoemd:
  [b:48ff81f9dd]O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)[/b:48ff81f9dd]
  Sluit alle vensters behalve Hijackthis
  Klik op 'Fix checked' om de items te verwijderen.
  Download OTMoveIt.exe en plaats het op je bureaublad:

  * Start OTMoveIt door dubbel te klikken op OTMoveIt.exe
  In het linkerpaneel, waar het zegt: Paste List of Files/Folders to be Moved ,kopieer en plak je onderstaand gedeelte:

  [b:48ff81f9dd]C:\Program Files\AskBarDis\[/b:48ff81f9dd]


  Klik daarna op de knop MoveIt onderaan.
  Wanneer voltooid zal het een log aanmaken (********_******.log – de * staat voor datum en tijd) in de volgende map: C:\_OTMoveIt\MovedFiles.
  Post de inhoud daarvan in je volgende bericht.
 • De link naar OTMoveIt.exe werkt niet, download.bleepingcomputer.com

  dan krijg ik namelijk de volgende melding:

  Oeps! Deze link lijkt niet te werken -
  HTTP 404: bestand niet gevonden.
  ——————————————————————————–

  Suggesties
  Deze webpagina later opnieuw laden
  Ga naar de startpagina van de site: bleepingcomputer­.­com
  Probeer op Google te zoeken:


  Ik heb wel via configuratiescherm > programma's en onderdelen de ASK-toolbar verwijderd.

  mijn nieuwe hijacthis log is als volgt:

  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:26:35, on 13-1-2009
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal

  Running processes:
  C:\Windows\system32\taskeng.exe
  C:\Windows\system32\Dwm.exe
  C:\Windows\Explorer.EXE
  C:\Programma's\PRINTERS\ScanSoft\OmniPageSE4\OpWareSE4.exe
  C:\Program Files\Java\jre6\bin\jusched.exe
  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
  C:\Program Files\Dell Support Center\bin\sprtcmd.exe
  C:\Program Files\COMODO\SafeSurf\cssurf.exe
  C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
  C:\Program Files\Orange\GLOBAL\Mnu\IGOMNU.EXE
  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  C:\Windows\System32\rundll32.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Windows\system32\wuauclt.exe
  C:\Program Files\uTorrent\uTorrent.exe
  C:\Program Files\Internet Explorer\ieuser.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=3070808
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell
  O1 - Hosts: ::1 localhost
  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
  O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
  O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [OpwareSE4] "C:\ProgramMA'S\PRINTERS\ScanSoft\OmniPageSE4\OpwareSE4.exe"
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
  O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
  O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
  O4 - HKLM\..\Run: [Fast3202] E:\Setup\Livebox.exe
  O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
  O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
  O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
  O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
  O4 - HKLM\..\Run: [HitmanPro3] "C:\Program Files\Hitman Pro 3\hitmanpro3.exe" -autocheck
  O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
  O4 - HKCU\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - Startup: Canon IJ Status Monitor Canon MP520 series Printer.lnk = ?
  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O13 - Gopher Prefix:
  O15 - Trusted IP range: http://194.45.8.201
  O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\Windows\system32\cssdll32.dll,C:\Windows\system32\guard32.dll
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
  O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
  O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
  O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
  O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
  O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
  O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programma's\Spyware Doctor\svcntaux.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programma's\Spyware Doctor\swdsvc.exe
  O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
  O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
  O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe


  End of file - 9632 bytes
 • Kan je weer updaten?
 • sinds kort (laatste windows update 20-11) kan ik geen nieuwe updates meer binnen halen voor windows, ook windows defender update werkt niet meer en AVG kan ook niet meer zijn updates binnen halen.

  Nadat AVG niet meer werkte heb ik COMODO geinstalleerd deze vindt niets.

  Ook heb ik via microsoft.nl geprobeerd de updates handmatig te downloaden maar dan wordt ik elke keer doorgelinkt naar msn.com misschien heeft dit er ook mee te maken.

  Kan iemand mij helpen met een mogelijke oplossing?

  Ik heb mijn hyjackthis log hieronder bijgevoegd:

  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 16:54:54, on 2-1-2009
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal

  Running processes:
  C:\Windows\system32\taskeng.exe
  C:\Windows\system32\Dwm.exe
  C:\Windows\Explorer.EXE
  C:\Programma's\PRINTERS\ScanSoft\OmniPageSE4\OpWareSE4.exe
  C:\Program Files\Java\jre6\bin\jusched.exe
  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Program Files\Dell Support Center\bin\sprtcmd.exe
  C:\Program Files\COMODO\SafeSurf\cssurf.exe
  C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
  C:\Program Files\Orange\GLOBAL\Mnu\IGOMNU.EXE
  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
  C:\Windows\System32\rundll32.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Windows\system32\wuauclt.exe
  C:\Program Files\uTorrent\uTorrent.exe
  C:\Program Files\Internet Explorer\ieuser.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\Windows\system32\SearchFilterHost.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=3070808
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O1 - Hosts: ::1 localhost
  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
  O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
  O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
  O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [OpwareSE4] "C:\ProgramMA'S\PRINTERS\ScanSoft\OmniPageSE4\OpwareSE4.exe"
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
  O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
  O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
  O4 - HKLM\..\Run: [Fast3202] E:\Setup\Livebox.exe
  O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
  O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
  O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
  O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
  O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
  O4 - HKCU\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - Startup: Canon IJ Status Monitor Canon MP520 series Printer.lnk = ?
  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O13 - Gopher Prefix:
  O15 - Trusted IP range: http://194.45.8.201
  O17 - HKLM\System\CCS\Services\Tcpip\..\{63120665-69D7-47C6-90A0-6FBA365ABF80}: NameServer = 85.255.112.122;85.255.112.66
  O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\Windows\system32\cssdll32.dll,C:\Windows\system32\guard32.dll
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
  O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
  O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
  O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
  O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
  O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
  O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programma's\Spyware Doctor\svcntaux.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programma's\Spyware Doctor\swdsvc.exe
  O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
  O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
  O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
  O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdymx.exe


  End of file - 10650 bytes
 • Start hijackthis en kies voor 'do a system scan only'
  Selecteer alleen de items die hieronder zijn genoemd:
  [b:39d5773d67]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O17 - HKLM\System\CCS\Services\Tcpip\..\{63120665-69D7-47C6-90A0-6FBA365ABF80}: NameServer = 85.255.112.122;85.255.112.66[/b:39d5773d67]

  Sluit alle vensters behalve Hijackthis
  Klik op 'Fix checked' om de items te verwijderen.

  Ga naar Virustotal.com
  Upload het volgende bestand door het volgende te kopiëren/plakken (dus niet via "Bladeren…" opzoeken!): C:\Windows\system32\kdymx.exe
  Wacht totdat het resultaat verschijnt. Post dit mee in je volgende reactie

  Download [b:39d5773d67] en sla het op je bureaublad op.
  Dubbelklik op [b:39d5773d67]mbam-setup.exe[/b:39d5773d67] om het programma te installeren.

  Zorg dat er na de installatie een vinkje is geplaatst bij:[list:39d5773d67]
  [*:39d5773d67]Update MalwareBytes' Anti-Malware
  [*:39d5773d67]Start MalwareBytes' Anti-Malware
  [/list:u:39d5773d67]Klik daarna op "[b:39d5773d67]Voltooien[/b:39d5773d67]".
  Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.[list:39d5773d67]
  [*:39d5773d67]Zodra het programma gestart is, ga dan naar het tabblad "[b:39d5773d67]Instellingen[/b:39d5773d67]".
  [*:39d5773d67]Vink hier aan: "[b:39d5773d67]Sluit Internet Explorer tijdens verwijdering van malware[/b:39d5773d67]".
  [*:39d5773d67]Ga daarna naar het tabblad "[b:39d5773d67]Scanner[/b:39d5773d67]", kies hier voor "[b:39d5773d67]Snelle Scan[/b:39d5773d67]".
  [*:39d5773d67]Druk vervolgens op "[b:39d5773d67]Scannen[/b:39d5773d67]" om de scan te starten.
  [*:39d5773d67]Het scannen kan een tijdje duren, dus wees geduldig.

  [*:39d5773d67]Wanneer de scan voltooid is, klik op [b:39d5773d67]OK[/b:39d5773d67], daarna "[b:39d5773d67]Bekijk Resultaten[/b:39d5773d67]" om de resultaten te zien.
  [*:39d5773d67]Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "[b:39d5773d67]Verwijder geselecteerde[/b:39d5773d67]".
  [*:39d5773d67]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  [/list:u:39d5773d67]Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "[b:39d5773d67]Logs[/b:39d5773d67]" tab te klikken in het programma.

  Plaats dit logje in je volgende bericht.

  Ga naar Start – Uitvoeren en tik in: cmd
  Druk op enter.
  Een dosventer (opdrachtprompt) zal open.
  Tik in: ipconfig /flushdns
  Druk op enter.
  Sluit het venster.
  Herstart de computer, en plaats een nieuw hijackthis logje.
 • Bedankt voor de Info,

  Virustotal.com
  Helaas heb ik eerst malware bytes gedraaid voordat ik het bestand ging uploaden, en nu is het bestand weg.

  ————————————————————————————
  Malwarebytes uitgevoerd, dit is de log:

  Malwarebytes' Anti-Malware 1.32
  Database versie: 1648
  Windows 6.0.6001 Service Pack 1

  13-1-2009 17:18:07
  mbam-log-2009-01-13 (17-18-07).txt

  Scan type: Snelle Scan
  Objecten gescand: 51504
  Verstreken tijd: 3 minute(s), 14 second(s)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 2
  Registerwaarden geïnfecteerd: 0
  Registerdata bestanden geïnfecteerd: 6
  Mappen geïnfecteerd: 2
  Bestanden geïnfecteerd: 1

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige items gevonden)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige items gevonden)

  Registersleutels geïnfecteerd:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Tribute Service (Trojan.Agent) -> Quarantined and deleted successfully.
  HKEY_CLASSES_ROOT\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige items gevonden)

  Registerdata bestanden geïnfecteerd:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63120665-69d7-47c6-90a0-6fba365abf80}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.122;85.255.112.66 -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ef6a2ff7-15fb-4157-8f62-5c1d3e7a0db5}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.122;85.255.112.66 -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{63120665-69d7-47c6-90a0-6fba365abf80}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.122;85.255.112.66 -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ef6a2ff7-15fb-4157-8f62-5c1d3e7a0db5}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.122;85.255.112.66 -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{63120665-69d7-47c6-90a0-6fba365abf80}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.122;85.255.112.66 -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ef6a2ff7-15fb-4157-8f62-5c1d3e7a0db5}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.122;85.255.112.66 -> Quarantined and deleted successfully.

  Mappen geïnfecteerd:
  C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.

  Bestanden geïnfecteerd:
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\homeview\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.

  ————————————————————————————
  ipconfig /flushdns,
  dit heb ik gedaan.
  ————————————————————————————
  Dit is nu mijn hyjackthis log:

  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 17:50:20, on 13-1-2009
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal

  Running processes:
  C:\Windows\system32\taskeng.exe
  C:\Windows\system32\Dwm.exe
  C:\Windows\Explorer.EXE
  C:\Programma's\PRINTERS\ScanSoft\OmniPageSE4\OpWareSE4.exe
  C:\Program Files\Java\jre6\bin\jusched.exe
  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
  C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
  C:\Program Files\Dell Support Center\bin\sprtcmd.exe
  C:\Program Files\COMODO\SafeSurf\cssurf.exe
  C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
  C:\Program Files\Orange\GLOBAL\Mnu\IGOMNU.EXE
  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  C:\Windows\System32\rundll32.exe
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
  C:\Program Files\Dell Support Center\gs_agent\dsc.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Windows\system32\SearchProtocolHost.exe
  C:\Windows\system32\SearchFilterHost.exe
  C:\Windows\system32\taskmgr.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=3070808
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell
  O1 - Hosts: ::1 localhost
  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
  O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
  O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
  O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
  O4 - HKLM\..\Run: [OpwareSE4] "C:\ProgramMA'S\PRINTERS\ScanSoft\OmniPageSE4\OpwareSE4.exe"
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
  O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
  O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
  O4 - HKLM\..\Run: [Fast3202] E:\Setup\Livebox.exe
  O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
  O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
  O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
  O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
  O4 - HKLM\..\Run: [HitmanPro3] "C:\Program Files\Hitman Pro 3\hitmanpro3.exe" -autocheck
  O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
  O4 - HKCU\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - Startup: Canon IJ Status Monitor Canon MP520 series Printer.lnk = ?
  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O13 - Gopher Prefix:
  O15 - Trusted IP range: http://194.45.8.201
  O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\Windows\system32\cssdll32.dll,C:\Windows\system32\guard32.dll
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
  O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
  O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
  O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
  O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
  O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
  O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programma's\Spyware Doctor\svcntaux.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programma's\Spyware Doctor\swdsvc.exe
  O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
  O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
  O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe


  End of file - 10371 bytes
  ————————————————————————————

  Ik hoop dat je mij verder kan helpen.
 • Zou je graag mijn instrucites van HijackThis ook uit willen voeren?
 • Dat heb ik gedaan (en nu nog een keer) maar als ik daarna nog een keer scan staat een deel weer terug.

  PS. die ask toelbar komt van COMODO antivirus.
 • sorry,
  Ik probeer het nu, en ja het werkt!
  Weet je nu ook wat er dwars zat? Dan toch die ask toolbar?

  In ieder geval heel erg bedankt!!
 • Dit blokkeerde het updaten:
  O17 - HKLM\System\CCS\Services\Tcpip\..\{63120665-69D7-47C6-90A0-6FBA365ABF80}: NameServer = 85.255.112.122;85.255.112.66

  Dat ip beheerste je dns en Ask Toolbar was nog wat extra malware een schepje boven op op wat je al had.

  Doe nog even dit:

  Download ATF cleaner (mirror)(gemaakt door Atribune)

  Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

  Dubbelklik op

  ATF cleaner om het programma te starten.
  Op het tabblad Main, plaats je een vinkje bij Select All.
  Klik op de knop Empty Selected.

  Het volgende doen als je ook FireFox als browser hebt:

  Klik op tabblad Firefox, plaats een vinkje bij Select All.
  Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op No.
  (dit haalt het vinkje weer weg bij Firefox saved passwords)
  Klik op de knop Empty Selected.

  Het volgende doen als je ook Opera als browser hebt:

  Klik op tabblad Opera, plaats een vinkje bij Select All.
  Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op No.
  Klik op de knop Empty Selected.
  Ga naar het tabblad Main en klik op de knop Exit om het programma af te sluiten.3. Je mag alle gebruikte tools en aangemaakte mappen terug verwijderen.


  - Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
  - Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".
  - Zet een vinkje voor "Systeemherstel uitschakelen".
  - Klik "Toepassen".
  - Windows vraagt of je dat zeker weet.
  - Klik "Ja".
  - Klik "OK".
  - Start de pc opnieuw op.
  - Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
  - Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"
  - Klik "Ja".
  - Verwijder het vinkje voor "Systeemherstel uitschakelen".
  - Klik "Toepassen".
  - Klik "OK".
  - Start de pc opnieuw op
  - Er is nu een nieuw schoon herstel punt aangemaakt
 • double post, excuses moi

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.