elham

Lid

Bekijk profiel Bekijk hun activiteit

Items
132
Registratiedatum
29 april 2008
Laatst bezocht
28 oktober 2017

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door elham

register cleanen met ccleaner

elham reageerde op elham's topic in Archief Andere software

oke, bedankt!
- 13 mei 2012
- 2 antwoorden
- - backup
  - ccleaner
  - (en 8 meer)
    Getagd met:
    
    backup
    
    ccleaner
    
    forums
    
    gelezen
    
    maken
    
    probleem
    
    software
    
    veilig
    
    voldoende
    
    weet
register cleanen met ccleaner

elham plaatste een topic in Archief Andere software

Hallo, Ik wil mijn register cleanen met CCleaner, maar is dit wel veilig? Ik heb op alle andere forums gelezen dat je eerst een herstelpunt of een register backup moet maken. Ik weet zelf wel hoe je een hertelpunt moet maken, maar is dat wel voldoende, of moet ik toch voor de zekerheid een register backup maken. En hoe doe ik dat dan? Mvg. Elham
- 10 mei 2012
- 2 antwoorden
- - backup
  - ccleaner
  - (en 8 meer)
    Getagd met:
    
    backup
    
    ccleaner
    
    forums
    
    gelezen
    
    maken
    
    probleem
    
    software
    
    veilig
    
    voldoende
    
    weet
MSI EasyFace 2

elham reageerde op elham's topic in Archief Hardware algemeen

YESSS!! Gelukt, ik heb nog een keer even gegoogeld en kwam op deze site terecht met iemand dezelfde probleem als ik: http://forum.notebookreview.com/msi/606064-msi-gt683-webcam.html. Ik moest gewoon eerst de webcam inschakelen door op fn-toets + f6 te drukken en BAM! hij werkt xd. Toch bedankt voor uw tijd en adviezen!
- 5 februari 2012
- 7 antwoorden
MSI EasyFace 2

elham reageerde op elham's topic in Archief Hardware algemeen

Beste, Mijn excuses voor mijn late antwoord, ik was druk bezig met tentamens. Nee het is nog niet opgelost en het terugbrengen doe ik niet echt liever, is er echt geen andere oplossing?
- 2 februari 2012
- 7 antwoorden
MSI EasyFace 2

elham reageerde op elham's topic in Archief Hardware algemeen

Ik ben bang dat dat niet gaat, want toen het nog wel deed was het eind oktober 2011 (toen had ik deze laptop ook binnen gekregen) en sindsdien maakte ik ook geen gebruik van de webacam, pas vorige week wilde ik hem gebruiken en toen merkte ik dat het niet deed. Andere opties?
- 8 januari 2012
- 7 antwoorden
MSI EasyFace 2

elham plaatste een topic in Archief Hardware algemeen

Beste, Telkens als ik mijn webcam programma easyface 2 opstart geeft hij aan dat hij geen webcam heeft gevonden. Dit was de eerste niet zo, want toen kon hij mijn webcam gewoon vinden en het werkte ook uitstekend. Het gaat trouwens om een ingebouwde webcam op mijn MSI GT683. Dus nu kan ik ook niet via MSN enz. webcam chats doen met familie enz. Iemand een idee? Mvg. Elham
- 4 januari 2012
- 7 antwoorden
internet explore 9

elham plaatste een topic in Archief Internet & Netwerk

Ik kreeg net een melding dat er nieuwe updates beshikbaar zijn, en één van deze updates was internet 9. Is deze wel in orde, ik bedoel bevat het niet allemaal problemen. Kan ik hem dus gewoon installeren, of is dat niet nodig?
- 8 april 2011
- 2 antwoorden
Problemen met router

elham reageerde op elham's topic in Archief Internet & Netwerk

nee niet dat lukte nog steeds niet. Zelfs met kbel had mijn laptop een internet, maar hij was wel verbonden met een onbekend netwerk. Dus heb ik de laptop van mijn moeder met de kabel aangesloten en daar heb ik de standaard gateway afgelezen, maar mijn computer is ook met kabel vervonden en daar zie ik daan een totaal andere standaard gateway. En geen van deze ip adressen deed het. Maar ja ik heb nu een nieuwere router gekocht: Linksys e1000, super makelijk intestellen en zonder problemen.
- 17 januari 2011
- 3 antwoorden
Problemen met router

elham plaatste een topic in Archief Internet & Netwerk

Ik heb vandaag bij mijn router de firmware ge-upgrade. Maar dit heeft volgens veel problemen veroozaakt. 1. Ik kan niet meer op site van de router :http://192.168.0.1/. 2. Mijn laptop kan geen draadlooz verbinding meer maken. Als ik klik op verbinding maken met een netwerk'', dan zie ik de netwerken van de buren en omgeving, maar ik zie nergens meer de netwerk van mijn router staan in die lijst. Het lijkt gewoon of op één of ander manier de draadlooze verbinding uit is geschakeld. Van middag kon nog wel op de site van de router, en daar stond gewoon dat de draadlooz verbinding aan is. 3. Ik kan ook niet meer met mijn PS3 verbinding maken met internet. Als ik selcteer op ''verbinding testen'' dan zegt hij bij ''ip adres ophalen:Geslaagd, maar bij ''interverbinding'' zegt hij: Mislukt. En daaronder staat dat het een ''DNS-fout is''. Ik heb de modem gereset en de router heb ik ook een aantal keer gereset, maar niets helpt. P.S. ik heb nu wel gewoon via kabelverbinding internet, en mijn PS3 heeft ook een kabel verbinding, dus ik snap echt niet wat het probleem nou is.
- 12 januari 2011
- 3 antwoorden
Resultbar

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

nee ik krijg geen meldingen meer, dus bedankt voor uw hulp en tijd Mvg. Elham
- 13 december 2010
- 7 antwoorden
Resultbar

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

hier is malware logje: Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Databaseversie: 5302 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 12-12-2010 21:31:20 mbam-log-2010-12-12 (21-31-20).txt Scantype: Snelle scan Objecten gescand: 143241 Verstreken tijd: 10 minuut/minuten, 18 seconde(n) Geheugenprocessen geïnfecteerd: 2 Geheugenmodulen geïnfecteerd: 2 Registersleutels geïnfecteerd: 36 Registerwaarden geïnfecteerd: 4 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 14 Bestanden geïnfecteerd: 24 Geheugenprocessen geïnfecteerd: c:\programdata\resultbar\resultbar113.exe (Adware.ResultBar) -> 2356 -> Unloaded process successfully. c:\program files\resultbar\resultbar.exe (Adware.ResultBar) -> 3584 -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: c:\program files\resultbar\resultbar.dll (Adware.Agent.Gen) -> Delete on reboot. c:\program files\clickpotatolite\bin\10.0.628.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ResultBar Service (Adware.ResultBar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\BarDiscover (Adware.BarDiscover) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BarDiscover (Adware.BarDiscover) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BarDiscover Service (Adware.BarDiscover) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Value: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Value: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790270B576595535AF96 (Malware.Trace) -> Value: SRS_IT_E8790270B576595535AF96 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully. c:\programdata\bardiscover (Adware.BarDiscover) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\Users\Elham\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> Delete on reboot. c:\programdata\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully. c:\program files\bardiscover (Adware.BarDiscover) -> Quarantined and deleted successfully. c:\program files\clickpotatolite (Adware.ClickPotato) -> Delete on reboot. c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Delete on reboot. c:\program files\clickpotatolite\bin\10.0.628.0 (Adware.ClickPotato) -> Delete on reboot. c:\program files\clickpotatolite\bin\10.0.628.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\programdata\resultbar\resultbar113.exe (Adware.ResultBar) -> Quarantined and deleted successfully. c:\program files\resultbar\resultbar.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully. c:\program files\resultbar\resultbar.exe (Adware.ResultBar) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Delete on reboot. c:\program files\clickpotatolite\bin\10.0.628.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\Users\Elham\Desktop\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully. c:\Windows\Temp\RES4AD5.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully. c:\programdata\bardiscover\bardiscover141.exe (Adware.BarDiscover) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\bardiscover\bardiscover.exe (Adware.BarDiscover) -> Quarantined and deleted successfully. c:\program files\bardiscover\uninstall.exe (Adware.BarDiscover) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\launchhelp.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files\clickpotatolite\bin\10.0.628.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. en hier is de nieuwe Hijackthis logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:47:24, on 12-12-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O1 - Hosts: ::1 localhost O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Elham\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.64.0.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VUAgent - Sony Corporation - C:\Program Files\sony\VAIO Update 5\VUAgent.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11359 bytes
- 12 december 2010
- 7 antwoorden
Resultbar

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

Hier is alvast een Hijackthis logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:07:29, on 12-12-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\VideoLAN\VLC\vlc.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\conime.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O1 - Hosts: ::1 localhost O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"Lesson Info: Sight vs. Sound Reactions Gizmo | ExploreLearning" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Elham\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSABHO.dll O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.64.0.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: BarDiscover Service - Unknown owner - C:\ProgramData\BarDiscover\bardiscover141.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe O23 - Service: ResultBar Service - Unknown owner - C:\ProgramData\ResultBar\resultbar113.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VUAgent - Sony Corporation - C:\Program Files\sony\VAIO Update 5\VUAgent.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12209 bytes
- 12 december 2010
- 7 antwoorden
Resultbar

elham plaatste een topic in Archief Bestrijding malware & virussen

Hallo, Mijn AVG, geeft telkens een bedreiging aan genaamd''Resultbar'', ik verdwijder het en na een paar sec. krijg ik weer die melding, en dit blijf zich herhalen.
- 12 december 2010
- 7 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

Ah ok, dan ga ik dat maar doen, Dank jullie voor jullie hulp en tijd!! Mvg. Elham
- 11 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

merk: Packard Bell model/type: UTOW-SFR MSN model: SFCOO S/N: 102514990379 P/N: P880X11386 Product Name: IMEDIA J9300 AIO Is dit genoeg, of...?
- 9 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

ik het uitgeschakeld en als ik windows opstart krijg ik die geen foute melding meer. Maar is het niet erg als activ board uitgeschakeld blijft??
- 9 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

ja ik krijg nog steeeds weer die fout melding van activeboard aplication als ik windows start
- 8 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

Ik heb daar nu geen last meer van, maar telkens als ik de pc opstart krijg ik een melding dat ''activboard aplication'' niet meer werkt en wordt dan afgesloten, wat betekent eigenlijk dit? Want verder werkt mijn PC weer inorde..
- 8 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

Hier de is de combofix logbestand: ComboFix 10-09-07.01 - elham 07-09-2010 20:43:22.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.1865 [GMT 2:00] Gestart vanuit: c:\users\elham\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\elham\Desktop\CFScript.txt SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FILE :: "c:\programdata\54UGY1.dat" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\54UGY1.dat c:\users\elham\AppData\Local\gnpqhgtnc c:\users\elham\AppData\Local\gnpqhgtnc\udrrtfhuqiw.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-08-07 to 2010-09-07 )))))))))))))))))))))))))))))) . 2010-09-07 18:54 . 2010-09-07 18:54 -------- d-----w- c:\users\elham\AppData\Local\temp 2010-09-07 18:54 . 2010-09-07 18:54 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-09-07 18:54 . 2010-09-07 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-09-07 18:54 . 2010-09-07 18:54 -------- d-----w- c:\users\Arash\AppData\Local\temp 2010-09-07 13:38 . 2010-09-07 13:38 -------- d-----w- c:\users\elham\AppData\Roaming\Malwarebytes 2010-09-07 13:37 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-09-07 13:37 . 2010-09-07 13:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-07 13:37 . 2010-09-07 13:37 -------- d-----w- c:\programdata\Malwarebytes 2010-09-07 13:37 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-09-07 13:03 . 2010-09-07 13:03 388096 ----a-r- c:\users\elham\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-09-07 13:03 . 2010-09-07 13:03 -------- d-----w- c:\program files\Trend Micro 2010-09-07 12:23 . 2010-02-23 11:35 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-09-07 12:23 . 2010-02-23 11:35 165840 ----a-w- c:\windows\PCTBDRes.dll 2010-09-07 12:23 . 2010-02-23 11:35 1652688 ----a-w- c:\windows\PCTBDCore.dll 2010-09-07 12:23 . 2010-02-23 11:35 767952 ----a-w- c:\windows\BDTSupport.dll 2010-09-07 12:23 . 2009-10-27 23:36 1152444 ----a-w- c:\windows\UDB.zip 2010-09-07 12:23 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip 2010-09-07 12:21 . 2010-07-16 12:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys 2010-09-07 12:21 . 2010-07-16 12:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys 2010-09-07 12:21 . 2010-08-28 09:28 102184 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys 2010-09-07 12:21 . 2010-08-28 09:25 247824 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2010-09-07 12:21 . 2010-08-27 08:13 159296 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2010-09-07 12:21 . 2010-08-18 11:51 237632 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2010-09-07 12:20 . 2010-08-27 06:26 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2010-09-07 12:20 . 2010-08-27 06:26 123968 ----a-w- c:\windows\system32\drivers\pctplfw.sys 2010-09-07 12:20 . 2010-08-27 06:25 79672 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys 2010-09-07 12:20 . 2010-08-10 14:58 31960 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys 2010-09-07 12:20 . 2010-09-07 12:25 -------- d-----w- c:\program files\Common Files\PC Tools 2010-09-07 12:20 . 2010-09-07 18:46 -------- d-----w- c:\program files\PC Tools Security 2010-09-07 12:20 . 2010-09-07 12:20 -------- d-----w- c:\users\elham\AppData\Roaming\PC Tools 2010-09-07 12:08 . 2010-09-07 12:10 80729096 ----a-w- c:\programdata\PC Tools\DownloadManager\Spyware Doctor8.0\sdsetup_aff_dl.exe 2010-09-07 12:08 . 2010-09-07 12:20 -------- d-----w- c:\programdata\PC Tools 2010-09-06 17:31 . 2010-09-07 13:35 -------- d-----w- c:\users\elham\AppData\Local\Windows 2010-09-06 06:58 . 2010-09-06 06:58 -------- d-----w- c:\program files\Real Alternative 2010-09-06 06:58 . 2010-09-06 06:58 -------- d-----w- c:\users\elham\AppData\Local\Real 2010-09-06 06:58 . 2007-06-03 12:31 10752 ----a-w- c:\windows\system32\ff_vfw.dll 2010-09-06 06:58 . 2007-04-24 15:30 60273 ----a-w- c:\windows\system32\pthreadGC2.dll 2010-09-06 06:58 . 2010-09-06 06:58 -------- d-----w- c:\program files\AviSynth 2.5 2010-09-06 06:58 . 2010-09-06 17:51 -------- d-----w- c:\program files\The FilmMachine 2010-08-14 12:14 . 2010-08-14 12:14 -------- d--h--w- c:\programdata\CanonIJSolutionMenu 2010-08-14 12:14 . 2010-08-14 12:14 -------- d--h--w- c:\programdata\CanonIJMyPrinter 2010-08-14 12:14 . 2010-09-01 05:36 -------- d-----w- c:\programdata\CanonIJPLM 2010-08-14 11:35 . 2010-08-14 11:35 -------- d-----w- c:\program files\Common Files\CANON 2010-08-14 11:31 . 2010-08-14 11:31 -------- d--h--w- c:\programdata\CanonBJ 2010-08-14 11:31 . 2009-03-24 03:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9Z.DLL 2010-08-14 11:31 . 2009-03-24 03:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9Z.DLL 2010-08-14 11:30 . 2010-08-14 11:30 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2010-08-14 11:30 . 2009-04-03 14:00 1310720 ----a-w- c:\windows\system32\CNC550C.dll 2010-08-14 11:30 . 2009-04-03 13:59 110592 ----a-w- c:\windows\system32\CNC550I.dll 2010-08-14 11:30 . 2009-04-03 13:57 106496 ----a-w- c:\windows\system32\CNC550U.dll 2010-08-14 11:30 . 2009-03-19 12:38 303104 ----a-w- c:\windows\system32\CNC550L.dll 2010-08-14 11:30 . 2008-08-25 16:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll 2010-08-14 11:27 . 2009-03-24 03:00 272384 ----a-w- c:\windows\system32\CNMLM9Z.DLL 2010-08-14 11:27 . 2009-02-04 13:17 90112 ----a-w- c:\windows\system32\CNC550O.dll 2010-08-14 11:27 . 2009-03-18 09:09 178176 ----a-w- c:\windows\system32\CNMIU9Z.DLL 2010-08-14 11:27 . 2010-08-14 11:27 -------- d--h--w- c:\program files\CanonBJ 2010-08-14 11:24 . 2010-08-14 12:14 -------- d-----w- c:\program files\Canon . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-07 18:34 . 2010-06-11 14:59 52693 ----a-w- c:\programdata\nvModes.dat 2010-09-07 15:16 . 2007-12-26 22:41 676772 ----a-w- c:\windows\system32\perfh013.dat 2010-09-07 15:16 . 2007-12-26 22:41 131268 ----a-w- c:\windows\system32\perfc013.dat 2010-09-07 14:06 . 2009-11-13 14:16 -------- d-----w- c:\program files\Steam 2010-09-06 17:51 . 2010-05-23 18:02 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-09-06 17:51 . 2010-05-23 17:58 -------- d-----w- c:\programdata\DivX 2010-09-06 17:51 . 2010-05-23 18:01 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2010-09-06 17:51 . 2010-05-23 17:59 -------- d-----w- c:\program files\DivX 2010-09-06 17:39 . 2009-07-08 13:26 -------- d-----w- c:\users\elham\AppData\Roaming\DNA 2010-09-06 17:39 . 2008-10-09 19:25 -------- d-----w- c:\users\elham\AppData\Roaming\uTorrent 2010-08-31 12:50 . 2009-11-13 14:17 -------- d-----w- c:\program files\Common Files\Steam 2010-08-27 17:20 . 2009-03-14 21:01 -------- d-----w- c:\users\elham\AppData\Roaming\dvdcss 2010-08-13 08:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-13 08:51 . 2010-06-22 14:05 -------- d-----w- c:\programdata\Microsoft Help 2010-08-03 09:26 . 2009-02-21 11:39 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-08-03 09:26 . 2010-08-03 09:26 12536 ----a-w- c:\windows\system32\avgrsstx.dll 2010-08-03 09:26 . 2009-02-21 11:39 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-07-02 14:21 . 2010-04-18 13:22 70608 ----a-w- c:\users\Arash\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-26 06:05 . 2010-08-12 11:39 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-26 06:02 . 2010-08-12 11:39 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-06-26 06:02 . 2010-08-12 11:39 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-06-26 04:25 . 2010-08-12 11:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-06-22 18:43 . 2008-02-19 20:47 70608 ----a-w- c:\users\elham\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-22 16:57 . 2010-06-21 14:28 138720 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-06-22 16:57 . 2010-06-21 14:28 202112 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-06-21 14:28 . 2009-08-19 16:48 22328 ----a-w- c:\users\elham\AppData\Roaming\PnkBstrK.sys 2010-06-21 14:28 . 2009-08-19 16:48 22328 ----a-w- c:\users\elham\AppData\Roaming\PnkBstrK.sys 2010-06-21 14:28 . 2010-06-21 14:28 669184 ----a-w- c:\windows\system32\pbsvc.exe 2010-06-21 14:28 . 2010-06-21 14:28 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-06-21 13:37 . 2010-08-12 11:39 2037760 ----a-w- c:\windows\system32\win32k.sys 2010-06-18 17:31 . 2010-08-12 11:39 36864 ----a-w- c:\windows\system32\rtutils.dll 2010-06-18 15:04 . 2010-08-12 11:39 302080 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-18 15:04 . 2010-08-12 11:39 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-06-16 16:04 . 2010-08-12 11:39 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-06-16 07:59 . 2010-03-28 16:28 43 ----a-w- c:\users\elham\jagex__preferences3.dat 2010-06-16 07:59 . 2008-11-22 10:52 45 ----a-w- c:\users\elham\jagex_runescape_preferences.dat 2010-06-16 07:57 . 2009-09-08 17:01 87 ----a-w- c:\users\elham\jagex_runescape_preferences2.dat 2010-06-11 16:16 . 2010-08-12 11:39 274944 ----a-w- c:\windows\system32\schannel.dll 2010-06-11 16:15 . 2010-08-12 11:39 1248768 ----a-w- c:\windows\system32\msxml3.dll 2006-10-11 08:04 . 2007-12-26 14:39 61036 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2006-10-11 08:04 . 2007-12-26 14:39 48742 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2006-10-11 08:05 . 2007-12-26 14:39 29313 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2006-10-11 08:05 . 2007-12-26 14:39 41082 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2006-10-11 08:04 . 2007-12-26 14:39 166510 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2007-12-26 22:54 . 2007-12-26 22:53 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2010-04-19 08:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-03 2065760] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312] "ISTray"="c:\program files\PC Tools Security\pctsGui.exe" [2010-08-31 1588184] "PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-08-23 100304] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-21 136600] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:41,d8,f9,67,89,3f,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2234743482-642768739-2423768833-1002] "EnableNotificationsRef"=dword:00000001 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 135664] R2 SwOffWeb;Airytec Switch Off - Web Interface;c:\program files\Airytec\Switch Off\swoff.exe [2010-02-04 121344] R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [2008-11-02 223128] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-08-19 722416] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-18 237632] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-08-03 216400] S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-08-03 243024] S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-08-03 921952] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-03 308136] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2010-02-23 112592] S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2010-03-15 366840] S2 SwOffScheduler;Airytec Switch Off - Task Scheduler;c:\program files\Airytec\Switch Off\swoff.exe [2010-02-04 121344] S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-16 1116800] S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PCTSDInjDriver32 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map 2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 13:38] 2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 13:38] 2010-09-07 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-12-26 16:34] 2010-09-07 c:\windows\Tasks\Uitgebreide garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-12-26 16:38] 2010-09-07 c:\windows\Tasks\User_Feed_Synchronization-{F6F36224-B398-4ECF-9465-E681DEAB8C5E}.job - c:\windows\system32\msfeedssync.exe [2010-08-12 04:24] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.speeleiland.nl/ uInternet Settings,ProxyOverride = <local> IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 LSP: c:\windows\system32\wpclsp.dll LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll FF - ProfilePath - c:\users\elham\AppData\Roaming\Mozilla\Firefox\Profiles\4mqs7y65.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo! Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.hiyo.com/ FF - prefs.js: keyword.URL - hxxp://mystart.hiyo.com/?loc=ff_address&search= FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Mozilla Firefox\extensions\{46735dee-f862-49d1-876d-6382794dc625}\components\FFAlert.dll FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.accept.default", "application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&mozver={moz:version}-{moz:buildid}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&mozver={moz:version}-{moz:buildid}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-07 20:54 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,49,9e,a8,d6,b3,da,36,4b,a0,7d,7d,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,49,9e,a8,d6,b3,da,36,4b,a0,7d,7d,\ . Voltooingstijd: 2010-09-07 21:00:30 ComboFix-quarantined-files.txt 2010-09-07 19:00 ComboFix2.txt 2010-09-07 15:21 Pre-Run: 335.773.491.200 bytes beschikbaar Post-Run: 335.745.613.824 bytes beschikbaar - - End Of File - - E1EBF34BBFBF5603EE4EFFD12D277B6B hier is de HijackThis logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:08:30, on 7-9-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\PC Tools Security\pctsGui.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Windows\system32\conime.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SpeelEiland.nl - Spelletjes Spelen op Speel Eiland ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [iSTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10415 bytes
- 7 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

Het duurde wel even maar hier is de logbestand: ComboFix 10-09-06.04 - elham 07-09-2010 16:51:45.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.1582 [GMT 2:00] Gestart vanuit: c:\users\elham\Desktop\ComboFix.exe SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\progra~1\AVG\AVG9\avgtray.exe c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe c:\program files\Packard Bell\FIJI\aboard.exe c:\program files\PC Tools Security\BDT\FGuard.exe c:\program files\PC Tools Security\pctsGui.exe c:\programdata\5Pal1Ei0.exe c:\users\elham\AppData\Local\Windows Server c:\users\elham\AppData\Local\Windows Server\flags.ini c:\users\elham\AppData\Local\Windows Server\hlp.dat c:\users\elham\AppData\Local\Windows Server\server.dat c:\users\elham\AppData\Local\Windows Server\uses32.dat c:\users\elham\AppData\Roaming\inst.exe c:\users\elham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.url c:\users\elham\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp c:\users\elham\Desktop\Videos.url c:\users\elham\FAVORI~1\Videos.url c:\users\elham\Favorites\Videos.url c:\windows\system32\AutoRun.inf <pre> c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9 .exe ---^> c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe c:\program files\Packard Bell\FIJI\aboard .exe ---^> c:\program files\Packard Bell\FIJI\aboard.exe c:\program files\PC Tools Security\pctsGui .exe ---^> c:\program files\PC Tools Security\pctsGui.exe c:\program files\PC Tools Security\BDT\FGuard .exe ---^> c:\program files\PC Tools Security\BDT\FGuard.exe </pre> . Besmet exemplaar van c:\windows\system32\drivers\atapi.sys werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - Kitty ate it . (((((((((((((((((((( Bestanden Gemaakt van 2010-08-07 to 2010-09-07 )))))))))))))))))))))))))))))) . 2010-09-07 15:08 . 2010-09-07 15:14 -------- d-----w- c:\users\elham\AppData\Local\temp 2010-09-07 15:08 . 2010-09-07 15:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-09-07 15:08 . 2010-09-07 15:08 -------- d-----w- c:\users\Arash\AppData\Local\temp 2010-09-07 13:38 . 2010-09-07 13:38 -------- d-----w- c:\users\elham\AppData\Roaming\Malwarebytes 2010-09-07 13:37 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-09-07 13:37 . 2010-09-07 13:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-07 13:37 . 2010-09-07 13:37 -------- d-----w- c:\programdata\Malwarebytes 2010-09-07 13:37 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-09-07 13:03 . 2010-09-07 13:03 -------- d-----w- c:\program files\Trend Micro 2010-09-07 12:23 . 2010-02-23 11:35 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-09-07 12:23 . 2010-02-23 11:35 165840 ----a-w- c:\windows\PCTBDRes.dll 2010-09-07 12:23 . 2010-02-23 11:35 1652688 ----a-w- c:\windows\PCTBDCore.dll 2010-09-07 12:23 . 2010-02-23 11:35 767952 ----a-w- c:\windows\BDTSupport.dll 2010-09-07 12:23 . 2009-10-27 23:36 1152444 ----a-w- c:\windows\UDB.zip 2010-09-07 12:23 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip 2010-09-07 12:21 . 2010-07-16 12:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys 2010-09-07 12:21 . 2010-07-16 12:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys 2010-09-07 12:21 . 2010-08-28 09:28 102184 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys 2010-09-07 12:21 . 2010-08-28 09:25 247824 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2010-09-07 12:21 . 2010-08-27 08:13 159296 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2010-09-07 12:21 . 2010-08-18 11:51 237632 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2010-09-07 12:20 . 2010-08-27 06:26 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2010-09-07 12:20 . 2010-08-27 06:26 123968 ----a-w- c:\windows\system32\drivers\pctplfw.sys 2010-09-07 12:20 . 2010-08-27 06:25 79672 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys 2010-09-07 12:20 . 2010-08-10 14:58 31960 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys 2010-09-07 12:20 . 2010-09-07 12:25 -------- d-----w- c:\program files\Common Files\PC Tools 2010-09-07 12:20 . 2010-09-07 15:14 -------- d-----w- c:\program files\PC Tools Security 2010-09-07 12:20 . 2010-09-07 12:20 -------- d-----w- c:\users\elham\AppData\Roaming\PC Tools 2010-09-07 12:08 . 2010-09-07 12:20 -------- d-----w- c:\programdata\PC Tools 2010-09-06 17:32 . 2010-09-06 17:32 -------- d-----w- c:\users\elham\AppData\Local\gnpqhgtnc 2010-09-06 17:31 . 2010-09-07 13:35 -------- d-----w- c:\users\elham\AppData\Local\Windows 2010-09-06 06:58 . 2010-09-06 06:58 -------- d-----w- c:\program files\Real Alternative 2010-09-06 06:58 . 2010-09-06 06:58 -------- d-----w- c:\users\elham\AppData\Local\Real 2010-09-06 06:58 . 2007-06-03 12:31 10752 ----a-w- c:\windows\system32\ff_vfw.dll 2010-09-06 06:58 . 2007-04-24 15:30 60273 ----a-w- c:\windows\system32\pthreadGC2.dll 2010-09-06 06:58 . 2010-09-06 06:58 -------- d-----w- c:\program files\AviSynth 2.5 2010-09-06 06:58 . 2010-09-06 17:51 -------- d-----w- c:\program files\The FilmMachine 2010-08-14 12:14 . 2010-08-14 12:14 -------- d--h--w- c:\programdata\CanonIJSolutionMenu 2010-08-14 12:14 . 2010-08-14 12:14 -------- d--h--w- c:\programdata\CanonIJMyPrinter 2010-08-14 12:14 . 2010-09-01 05:36 -------- d-----w- c:\programdata\CanonIJPLM 2010-08-14 11:35 . 2010-08-14 11:35 -------- d-----w- c:\program files\Common Files\CANON 2010-08-14 11:31 . 2010-08-14 11:31 -------- d--h--w- c:\programdata\CanonBJ 2010-08-14 11:31 . 2009-03-24 03:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9Z.DLL 2010-08-14 11:31 . 2009-03-24 03:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9Z.DLL 2010-08-14 11:30 . 2010-08-14 11:30 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2010-08-14 11:30 . 2009-04-03 14:00 1310720 ----a-w- c:\windows\system32\CNC550C.dll 2010-08-14 11:30 . 2009-04-03 13:59 110592 ----a-w- c:\windows\system32\CNC550I.dll 2010-08-14 11:30 . 2009-04-03 13:57 106496 ----a-w- c:\windows\system32\CNC550U.dll 2010-08-14 11:30 . 2009-03-19 12:38 303104 ----a-w- c:\windows\system32\CNC550L.dll 2010-08-14 11:30 . 2008-08-25 16:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll 2010-08-14 11:27 . 2009-03-24 03:00 272384 ----a-w- c:\windows\system32\CNMLM9Z.DLL 2010-08-14 11:27 . 2009-02-04 13:17 90112 ----a-w- c:\windows\system32\CNC550O.dll 2010-08-14 11:27 . 2009-03-18 09:09 178176 ----a-w- c:\windows\system32\CNMIU9Z.DLL 2010-08-14 11:27 . 2010-08-14 11:27 -------- d--h--w- c:\program files\CanonBJ 2010-08-14 11:24 . 2010-08-14 12:14 -------- d-----w- c:\program files\Canon . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-07 15:16 . 2007-12-26 22:41 676772 ----a-w- c:\windows\system32\perfh013.dat 2010-09-07 15:16 . 2007-12-26 22:41 131268 ----a-w- c:\windows\system32\perfc013.dat 2010-09-07 15:14 . 2010-06-11 14:59 52693 ----a-w- c:\programdata\nvModes.dat 2010-09-07 14:06 . 2009-11-13 14:16 -------- d-----w- c:\program files\Steam 2010-09-07 13:03 . 2010-09-07 13:03 388096 ----a-r- c:\users\elham\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-09-07 12:32 . 2010-09-07 12:32 112 ----a-w- c:\programdata\54UGY1.dat 2010-09-07 12:10 . 2010-09-07 12:08 80729096 ----a-w- c:\programdata\PC Tools\DownloadManager\Spyware Doctor8.0\sdsetup_aff_dl.exe 2010-09-06 17:51 . 2010-05-23 18:02 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-09-06 17:51 . 2010-05-23 17:58 -------- d-----w- c:\programdata\DivX 2010-09-06 17:51 . 2010-05-23 18:01 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2010-09-06 17:51 . 2010-05-23 17:59 -------- d-----w- c:\program files\DivX 2010-09-06 17:39 . 2009-07-08 13:26 -------- d-----w- c:\users\elham\AppData\Roaming\DNA 2010-09-06 17:39 . 2008-10-09 19:25 -------- d-----w- c:\users\elham\AppData\Roaming\uTorrent 2010-08-31 12:50 . 2009-11-13 14:17 -------- d-----w- c:\program files\Common Files\Steam 2010-08-27 17:20 . 2009-03-14 21:01 -------- d-----w- c:\users\elham\AppData\Roaming\dvdcss 2010-08-13 08:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-13 08:51 . 2010-06-22 14:05 -------- d-----w- c:\programdata\Microsoft Help 2010-08-03 09:26 . 2009-02-21 11:39 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-08-03 09:26 . 2010-08-03 09:26 12536 ----a-w- c:\windows\system32\avgrsstx.dll 2010-08-03 09:26 . 2009-02-21 11:39 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-07-02 14:21 . 2010-04-18 13:22 70608 ----a-w- c:\users\Arash\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-26 06:05 . 2010-08-12 11:39 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-26 06:02 . 2010-08-12 11:39 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-06-26 06:02 . 2010-08-12 11:39 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-06-26 04:25 . 2010-08-12 11:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-06-22 18:43 . 2008-02-19 20:47 70608 ----a-w- c:\users\elham\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-22 16:57 . 2010-06-21 14:28 138720 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-06-22 16:57 . 2010-06-21 14:28 202112 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-06-21 14:28 . 2009-08-19 16:48 22328 ----a-w- c:\users\elham\AppData\Roaming\PnkBstrK.sys 2010-06-21 14:28 . 2009-08-19 16:48 22328 ----a-w- c:\users\elham\AppData\Roaming\PnkBstrK.sys 2010-06-21 14:28 . 2010-06-21 14:28 669184 ----a-w- c:\windows\system32\pbsvc.exe 2010-06-21 14:28 . 2010-06-21 14:28 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-06-21 13:37 . 2010-08-12 11:39 2037760 ----a-w- c:\windows\system32\win32k.sys 2010-06-18 17:31 . 2010-08-12 11:39 36864 ----a-w- c:\windows\system32\rtutils.dll 2010-06-18 15:04 . 2010-08-12 11:39 302080 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-18 15:04 . 2010-08-12 11:39 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-06-16 16:04 . 2010-08-12 11:39 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-06-16 07:59 . 2010-03-28 16:28 43 ----a-w- c:\users\elham\jagex__preferences3.dat 2010-06-16 07:59 . 2008-11-22 10:52 45 ----a-w- c:\users\elham\jagex_runescape_preferences.dat 2010-06-16 07:57 . 2009-09-08 17:01 87 ----a-w- c:\users\elham\jagex_runescape_preferences2.dat 2010-06-11 16:16 . 2010-08-12 11:39 274944 ----a-w- c:\windows\system32\schannel.dll 2010-06-11 16:15 . 2010-08-12 11:39 1248768 ----a-w- c:\windows\system32\msxml3.dll 2006-10-11 08:04 . 2007-12-26 14:39 61036 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2006-10-11 08:04 . 2007-12-26 14:39 48742 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2006-10-11 08:05 . 2007-12-26 14:39 29313 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2006-10-11 08:05 . 2007-12-26 14:39 41082 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2006-10-11 08:04 . 2007-12-26 14:39 166510 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2007-12-26 22:54 . 2007-12-26 22:53 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . <pre> c:\program files\AVG\AVG9\avgtray .exe c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc .exe c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage .exe </pre> ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2010-04-19 08:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [N/A] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [N/A] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312] "ISTray"="c:\program files\PC Tools Security\pctsGui.exe" [2010-08-31 1588184] "PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-08-23 100304] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-21 136600] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:41,d8,f9,67,89,3f,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2234743482-642768739-2423768833-1002] "EnableNotificationsRef"=dword:00000001 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 135664] R2 SwOffWeb;Airytec Switch Off - Web Interface;c:\program files\Airytec\Switch Off\swoff.exe [2010-02-04 121344] R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [2008-11-02 223128] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-08-19 722416] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-18 237632] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-08-03 216400] S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-08-03 243024] S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-08-03 921952] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-03 308136] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2010-02-23 112592] S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2010-03-15 366840] S2 SwOffScheduler;Airytec Switch Off - Task Scheduler;c:\program files\Airytec\Switch Off\swoff.exe [2010-02-04 121344] S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-16 1116800] S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PCTSDInjDriver32 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map 2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 13:38] 2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 13:38] 2010-09-07 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-12-26 16:34] 2010-09-07 c:\windows\Tasks\Uitgebreide garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-12-26 16:38] 2010-09-07 c:\windows\Tasks\User_Feed_Synchronization-{F6F36224-B398-4ECF-9465-E681DEAB8C5E}.job - c:\windows\system32\msfeedssync.exe [2010-08-12 04:24] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.speeleiland.nl/ uInternet Settings,ProxyOverride = <local> IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 LSP: c:\windows\system32\wpclsp.dll LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll FF - ProfilePath - c:\users\elham\AppData\Roaming\Mozilla\Firefox\Profiles\4mqs7y65.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1142338&SearchSource=3&q= FF - prefs.js: browser.search.selectedEngine - Yahoo! Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.hiyo.com/ FF - prefs.js: keyword.URL - hxxp://mystart.hiyo.com/?loc=ff_address&search= FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Mozilla Firefox\extensions\{46735dee-f862-49d1-876d-6382794dc625}\components\FFAlert.dll FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.accept.default", "application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&mozver={moz:version}-{moz:buildid}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&mozver={moz:version}-{moz:buildid}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . - - - - ORPHANS VERWIJDERD - - - - SafeBoot-dmboot.sys SafeBoot-dmio.sys SafeBoot-dmload.sys SafeBoot-dmadmin SafeBoot-dmserver SafeBoot-SRService AddRemove-InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217} - c:\program files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-07 17:14 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,49,9e,a8,d6,b3,da,36,4b,a0,7d,7d,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,49,9e,a8,d6,b3,da,36,4b,a0,7d,7d,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(1760) c:\program files\PC Tools Security\pctgmhk.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe c:\program files\Canon\IJPLM\IJPLMSVC.EXE c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\AVG\AVG9\avgnsx.exe c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe c:\program files\PC Tools Security\pctsSvc.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\windows\system32\WUDFHost.exe c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\conime.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Voltooingstijd: 2010-09-07 17:21:13 - machine werd herstart ComboFix-quarantined-files.txt 2010-09-07 15:21 Pre-Run: 335.714.836.480 bytes beschikbaar Post-Run: 335.754.125.312 bytes beschikbaar - - End Of File - - CF1E392EE8B040A7EC7EFC6C7667BCCA ---------- Post toegevoegd om 17:31 ---------- Vorige post was om 17:29 ---------- is het goed als ik mijn AVG resident shield weer inschakel?
- 7 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

hier is de malware logje: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4562 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18943 7-9-2010 15:56:36 mbam-log-2010-09-07 (15-56-36).txt Scantype: Snelle scan Objecten gescand: 147706 Verstreken tijd: 9 minuut/minuten, 44 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 2 Registerwaarden geïnfecteerd: 4 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 49 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg214-k641-12sf-n85p (Worm.Autorun. -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.Palevo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\symantec pif alerteng (Backdoor.Bot) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (Worm.Autorun. -> Quarantined and deleted successfully. C:\Users\elham\AppData\Roaming\ohydy.exe (Heuristics.Shuriken) -> Delete on reboot. C:\Users\elham\AppData\Local\Temp\mkcxhunr.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\0159.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\022793.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\tpcuqc.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\70054.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\717.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\7240.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\72618.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\74338.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\7721335.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\398.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\459976.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\4607355.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\46575.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\21806.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\2363359.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\2399.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\25116.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\889.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\898197.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\908869.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\908953.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\9480180.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\954.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\9623.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\53413.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\5524.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\15337.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\165.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\1697.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\5927794.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\6782.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\6E2E.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\8125.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\8667.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\869.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\2819.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\2926340.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\312.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\33519.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\34409.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\AppData\Local\Temp\9841.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo .exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\elham\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully. C:\Windows\Fonts\2pPywl.com (Malware.Generic) -> Quarantined and deleted successfully. C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Backdoor.Bot) -> Delete on reboot. en hier is de nieuwe hijackthis logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:04:42, on 7-9-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\PC Tools Security\pctsGui.exe C:\Program Files\PC Tools Security\pctsGui .exe C:\Windows\RtHDVCpl.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9 .exe C:\Program Files\AVG\AVG9\avgtray .exe C:\Program Files\PC Tools Security\BDT\FGuard .exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SpeelEiland.nl - Spelletjes Spelen op Speel Eiland ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [iSTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10950 bytes
- 7 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

ik heb de instructies van die site gevolgd ben nu gelukkig af van die security suit, maar nou zit ik met nog een groot probleem: 1: Telkens als ik mijn PC start dan ik een melding dat ''activboard aplication niet meer werkt en wordt afgesloten''. Is dit een probleem of..? 2: Ongeveer na ieder 30 seconde krijg ik een melding dat windows verkenner niet meer werkt en wordt opnieuw gestart en gelijk daarna meldt mijn avg dat hij een paar trojaanse paarden gevonden heeft en dit blijft zig maar herhalen! Hier is de hijackthis Logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:09:22, on 7-9-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Windows\System32\wpcumi.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc .exe C:\Program Files\AVG\AVG9\avgtray .exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9 .exe C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage .exe C:\Program Files\PC Tools Security\pctsGui .exe C:\Program Files\PC Tools Security\BDT\FGuard .exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\elham\AppData\Local\Temp\7862800.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Windows\explorer.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SpeelEiland.nl - Spelletjes Spelen op Speel Eiland ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6092 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - (no file) R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file) R3 - URLSearchHook: (no name) - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - (no file) R3 - URLSearchHook: (no name) - {46735dee-f862-49d1-876d-6382794dc625} - (no file) R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [iSTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - User Startup: winhelp.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Solitaire%20Cruise/Images/stg_drm.ocx O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Solitaire%20Cruise/Images/armhelper.ocx O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 12436 bytes
- 7 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham reageerde op elham's topic in Archief Bestrijding malware & virussen

Dat lukt niet. Want telkens als ik op een site wil gaan dan krijg ik een wit pagina met als tekst''dat ik deze site niet kan bezoeken omdat het anders schade toe brengt aan mijn pc''?!!! Ik kan zelfs niet op google of op deze site. En daaronder staat dat ik die ''security suit'' moet gaan kopen om de virussen te verdwijderen en de site waar je security suit kan kopen doet het WEL! Nou is de vraag hoe verdwijder ik nou die security suit van mijn PC???? ---------- Post toegevoegd om 13:43 ---------- Vorige post was om 13:29 ---------- ik heb net even gegoogeld op mijn laptop en heb deze info gevonden:Security Suite is a rogue anti-spyware program from the same family as AV Security Suite and Antivir Solution Pro. The rogue program states that your computer is infected with adware, spyware and other viruses that may steel your sensitive information or even make your PC unusable. Security Suite reports false system security threats and infections to scare you into thinking that your computer is infected with malware. It then prompts to pay for a full version of the program to remove the infections. Don't buy this rogue program, it will give you a false sense of security and nothing more. Instead, please use the removal instructions below to remove Security Suite from your computer as soon as possible. SecuritySuite is promoted mainly through the use of Trojans. Once installed, the rogue program will scan your computer and state that there are several critical and high risk threats that should be removed from the system immediately. As a typical rogue program it won't let you to remove the infections unless you first purchase it. What is more, it will constantly display fake security alerts about serious system threats and critical infections. En op deze site:Remove Security Suite, removal instructions '' staat instructies van hoe security suit moet verdwijderen, maar vinden jullie dit een anbevolen site?
- 7 september 2010
- 22 antwoorden
Dringend Hulp nodig!!!

elham plaatste een topic in Archief Bestrijding malware & virussen

Hallo, Om 19:41 vandaag, vindt mijn AVG een heleboel trojaanse paarden, ik heb ze verdwijderd (ik heb ze ook verdwijderd uit quarantaine), maar daana start een programma genaamd''security suit''een scan. Dit is een demo-versie, en ik heb nog nooit deze programma eerder gezien of gedownload, maar nadat hij gescand heeft zegt hij dat mijn pc gevaar loopt, en om de virussen te verdwijderen moet ik de volledige versie kopen. En deze programma blokkeerd al mijn andere programma's: als ik avg wil starten voor een scan, dan blokkeerd ''security suit'' dat en geeft een melding van''dat avg ook geiinfecteerd is. Als ik bijv. taakbeheer wil starten dan blokkeerd hij dat ook en zegt dat dat ook geinfecteerd is!!!?? En na een paar minuten werd mijn beeldscherm helemaal blauw en er staat dan dat het computer zig afsluit om verder schade te vermijden!? Ik heb het in veilige modus gestart en daarin geeft hij geen melding van virus. Dus wat ik denk is dat volgens mij is die ''security suit'' gewoon de virus zelf! En mijn computer kan ook geen programma vinden met deze naam!? En AVG is opdit moment bezig mijn computer te scanne in veilige modus. Kan iemand mij s.v.p. meer info en advies geven?? Alvast bedankt! Mvg. Elham p.s. ik gebruik nu mijn laptop.
- 6 september 2010
- 22 antwoorden
Internet verbinding met Windows 7

elham reageerde op elham's topic in Archief Internet & Netwerk

Het lukt nog steeds niet om een draadlooz internet verbinding te maken Klik nu op draadloze netwerk beheren. Klik op router en start eventueel. Ik zie geen router hier. Klik nu op volledig overzicht weergeven (Rechts bovenaan in netwerkcentrum) Daar moet je draadloos router selecteren. Dit moet je ook doen als je wilt wisselen tussen draadloos en LAN
- 16 maart 2010
- 4 antwoorden

Inloggen

Profielen

Forums

Store

Alles dat geplaatst werd door elham

OVER ONS

SITEMAP

Belangrijke informatie