
Danny87

All content posted by Danny87

  1. All right, I did everything as instructed, and my PC is working perfectly again. Thanks!!
  2. Malwarebytes Anti-Malware 1.60.1.1000
     www.malwarebytes.org
     Databaseversie: v2012.03.10.05
     Windows Vista Service Pack 2 x86 NTFS (Veilige modus/netwerkmogelijkheden)
     Internet Explorer 9.0.8112.16421
     Danny :: PC_VAN_DANNY [administrator]
     10/03/2012 23:08:45
     mbam-log-2012-03-10 (23-08-45).txt
     Scantype: Snelle scan
     Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
     Uitgeschakelde scanopties: P2P
     Objecten gescand: 190255
     Verstreken tijd: 3 minuut/minuten, 55 seconde(n)
     Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
     Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
     Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
     Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
     Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
     Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
     Bestanden gedetecteerd: 1
     C:\Users\Danny\AppData\Local\temp\0.33335242981672697.exe (Spyware.Zbot.ES) -> Succesvol in quarantaine geplaatst en verwijderd.
     (einde)
     ---------------------
     Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:48:42, on 11/03/2012

     ---------- Post added at 00:49 ---------- Previous post was at 00:48 ----------

     Thx! The PC is at least manageable again. I think it's solved. Thank you very much
  3. OK, many thanks to everyone already. I managed to do the things you asked (I did it via USB)

     Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:14:40, on 10/03/2012

     ---------- Post added at 13:21 ---------- Previous post was at 13:19 ----------

     I did have to run it in normal mode, because apparently I can't install in safe mode. But now I'm in safe mode with networking
  4. So I had let my virus scan run for a bit, then the PC was blocked again (as described in my previous message). Now I have restarted it, disabled the internet, and I can do 'something' with my PC again, but I think I have to be careful what I do. I am now running my virus scan (I think the previous one quarantined something or so, which lets me do something again, if that is possible, because I don't know much about this). But the virus is clearly still present. When I click on Internet Explorer (while my connection is off), a frame opens again that I cannot close, but now I do keep control of my taskbar. So I could try turning my internet on to download HijackThis, but I think that is not a good idea and it won't work anyway, because the virus image will keep reappearing. What do you think? Try downloading it over the internet anyway? Or download it on my other PC, put it on USB, transfer it to the infected PC (and then never use the USB stick again)? Thanks in advance

     ---------- Post added at 12:38 ---------- Previous post was at 12:38 ----------

     At the bottom of the taskbar there is also something shown as open: 'Run DLL'
  5. Dear all, I have fallen victim to a virus that is reported in the following article: Police warn of 'fake police messages' (Herzele) - Het Nieuwsblad. A frame opens that I cannot get out of, supposedly from the FCCU (police). It shows my IP address and even the fact that I am with Telenet. Pretty frightening. There is a notice that I have to pay 100 euros for committing criminal offences or something like that. And then of course prompts to pay, how I should pay and so on. After restarting it takes a while before it appears again; I was able to run my virus scanner briefly, but 1 minute after startup the screen is back and it's done for. When I turn off my internet (disable wireless LAN) that frame still appears, but then just with 'web page cannot be displayed', and the PC is still uncontrollable. I don't have much hope really, but can anyone help? Thanks

     ---------- Post added at 12:30 ---------- Previous post was at 12:25 ----------

     or it also comes close to this: Dutch virus holds computer hostage for 100 euros - Security.NL
  6. OK, many thanks once again! Long live the computer experts
  7. I took the battery out. Since then it has been working perfectly again. So it was almost certainly the battery. I don't much feel like testing whether that was it, because that might cause new faults? Anyway, it only lasted about half an hour anyway, so I plan to buy a new battery. I want to thank everyone once again for the fast and efficient help. I had not expected this at all. Thanks!
  8. ComboFix 11-01-31.02 - Danny 05/02/2011 14:53:04.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1043.18.3066.1885 [GMT 1:00]
MpKsl1e8be60e;MpKsl1e8be60e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7C732B0-1599-45BB-BE03-F547D3A5D318}\MpKsl1e8be60e.sys [x] R1 MpKsl31ab6844;MpKsl31ab6844;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl31ab6844.sys [x] R1 MpKsl3306aa58;MpKsl3306aa58;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl3306aa58.sys [x] R1 MpKsl3ac96c6c;MpKsl3ac96c6c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7C732B0-1599-45BB-BE03-F547D3A5D318}\MpKsl3ac96c6c.sys [x] R1 MpKsl423e386c;MpKsl423e386c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{43B2DD71-E822-4A0F-8E41-112D567D8899}\MpKsl423e386c.sys [x] R1 MpKsl45d6610a;MpKsl45d6610a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl45d6610a.sys [x] R1 MpKsl5ddcdedc;MpKsl5ddcdedc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl5ddcdedc.sys [x] R1 MpKsl8c2cb156;MpKsl8c2cb156;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4CAE9E4-1DBB-4680-B96B-E0A3C1708667}\MpKsl8c2cb156.sys [x] R1 MpKsl9cbf7085;MpKsl9cbf7085;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl9cbf7085.sys [x] R1 MpKslb0facd19;MpKslb0facd19;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9981F184-BFB9-4A65-B851-552B824D186E}\MpKslb0facd19.sys [x] R1 MpKslb805e55e;MpKslb805e55e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKslb805e55e.sys [x] R1 MpKsld14123a8;MpKsld14123a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsld14123a8.sys [x] R1 MpKsld4fa9316;MpKsld4fa9316;c:\programdata\Microsoft\Microsoft Antimalware\Definition 
Updates\{B4CAE9E4-1DBB-4680-B96B-E0A3C1708667}\MpKsld4fa9316.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1c98ee976a6d920;Google Updateservice (gupdate1c98ee976a6d920);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 133104] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392] R3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-02-03 23096] R3 MusCVideo;MusCVideo;c:\windows\system32\DRIVERS\MusCVideo.sys [2009-02-03 3768] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-05-26 81704] R4 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R4 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2008-10-12 3602432] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072] R4 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472] S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2008-10-12 42608] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-17 691696] S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering 
Technology\Service\ETService.exe [2008-06-02 24576] S3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576] S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 . Inhoud van de 'Gedeelde Taken' map 2011-02-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-14 21:08] 2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 21:15] 2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 21:15] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://nl.intl.acer.yahoo.com uInternet Settings,ProxyOverride = local;*.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\rzkbju6l.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-05 15:14 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-2898258238-976231752-3870984009-1000\Software\SecuROM\!CAUTION! 
NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:29,6e,04,4d,4f,b9,c1,ab,37,87,cf,40,80,79,c4,f5,e8,1d,a9,42,0c,73,9c, 74,9c,e1,cb,07,8b,5f,e8,54,1d,a1,2d,e5,4d,c3,0f,58,79,53,b8,b4,5a,22,69,6a,\ "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50 [HKEY_USERS\S-1-5-21-2898258238-976231752-3870984009-1000\Software\SecuROM\License information*] "datasecu"=hex:36,5f,7b,df,00,e4,be,15,6a,57,0a,7f,4b,27,63,9c,be,1f,37,73,47, e7,4c,b3,4c,02,a7,98,85,6d,c3,3d,3f,8b,41,dd,79,d1,ae,29,06,1d,2f,96,2a,c1,\ "rkeysecu"=hex:e9,c4,af,ed,e0,f0,36,6f,55,e2,ab,71,6e,7b,79,81 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(3296) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\SPBA\upeksvr.exe c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\windows\system32\conime.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Apple Software Update\SoftwareUpdate.exe c:\windows\ehome\mcupdate.EXE . 
************************************************************************** . Voltooingstijd: 2011-02-05 15:22:15 - machine werd herstart ComboFix-quarantined-files.txt 2011-02-05 14:22 ComboFix2.txt 2011-02-02 13:27 Pre-Run: 43.787.563.008 bytes beschikbaar Post-Run: 44.397.527.040 bytes beschikbaar - - End Of File - - 324FF6012E7CE65E44C2CE7CDF54EBCA
  9. ComboFix 11-01-31.02 - Danny 02/02/2011 13:54:46.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1043.18.3066.1864 [GMT 1:00] Gestart vanuit: c:\users\Danny\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Acer\Acer Bio Protection\PwdFilter.dll c:\users\Danny\AppData\Roaming\.# c:\windows\system32\f . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-02 to 2011-02-02 )))))))))))))))))))))))))))))) . 2011-02-02 12:34 . 2011-02-02 12:34 -------- d-----w- c:\users\Danny\AppData\Local\PackageAware 2011-02-01 14:36 . 2011-02-01 14:36 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A85A691E-3F77-464C-8861-8535DB87D409}\gapaengine.dll 2011-02-01 14:36 . 2011-01-13 00:41 5890896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4CAE9E4-1DBB-4680-B96B-E0A3C1708667}\mpengine.dll 2011-02-01 14:20 . 2011-02-01 14:20 -------- d-----w- c:\windows\TempCBE6AE3C-C6AB-D494-8572-DEE94DB37BC0-Signatures 2011-02-01 14:18 . 2011-02-01 14:22 -------- d-----w- c:\program files\Microsoft Security Client 2011-01-31 13:40 . 2011-01-31 13:40 -------- d-----w- c:\users\Danny\AppData\Roaming\Malwarebytes 2011-01-31 13:39 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-31 13:39 . 2011-01-31 13:39 -------- d-----w- c:\programdata\Malwarebytes 2011-01-31 13:39 . 2011-01-31 13:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-31 13:39 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-30 12:58 . 
2011-01-30 12:58 388096 ----a-r- c:\users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-01-30 12:58 . 2011-01-30 12:58 -------- d-----w- c:\program files\Trend Micro 2011-01-30 09:57 . 2011-01-30 09:57 -------- d-----w- C:\found.003 2011-01-29 23:34 . 2011-02-01 14:15 -------- d-----w- c:\program files\SpeedFan 2011-01-29 22:08 . 2011-01-29 22:08 -------- d-----w- c:\users\Danny\AppData\Local\SKIDROW 2011-01-29 19:09 . 2011-01-29 19:09 -------- d-----w- c:\users\Danny\AppData\Local\My Games 2011-01-29 18:53 . 2011-02-01 14:17 -------- d-----w- c:\program files\Sid Meier's Civilization V 2011-01-26 12:27 . 2011-01-26 12:27 -------- d-----w- c:\programdata\Age of Empires 3 2011-01-26 12:24 . 2006-08-30 22:03 34304 ------r- c:\program files\Microsoft Games\Age of Empires III\SetupENU2.dll 2011-01-26 12:15 . 2011-01-26 12:24 -------- d-----w- c:\program files\Common Files\Microsoft Games 2011-01-12 10:33 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe 2011-01-12 10:33 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 10:33 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2011-01-12 10:33 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll 2011-01-12 10:33 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll 2011-01-12 10:33 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll 2011-01-12 10:33 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll 2011-01-11 19:18 . 2011-01-11 19:21 -------- d-----w- c:\users\Danny\AppData\Roaming\SmartDraw 2011-01-10 14:01 . 1997-05-29 14:25 315904 ----a-w- c:\windows\IsUn0413.exe 2011-01-10 14:01 . 2011-01-10 14:02 -------- d-----w- c:\windows\system32\E177E04D548C4006A465EEB92D3DE021 2011-01-03 17:05 . 2011-01-19 23:16 -------- d-----w- C:\temp . 
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-23 19:56 . 2010-12-23 19:56 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-11-06 11:10 . 2010-12-16 13:59 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-06 11:10 . 2010-12-16 13:59 357376 ----a-w- c:\windows\system32\taskschd.dll 2010-11-06 11:10 . 2010-12-16 13:59 270336 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-06 11:09 . 2010-12-16 13:59 603648 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-05 00:53 . 2010-12-16 13:59 171520 ----a-w- c:\windows\system32\taskeng.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-05-14 15:05 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-14 39408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-07-06 2634048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2008-10-12 3676160] "SynTPEnh"="c:\program 
files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408] c:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Orion.lnk - c:\program files\Convesoft\Orion\Messenger.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000] 2008-10-12 12:18 3197952 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba] 2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] path=c:\programdata\Microsoft\Windows\Start 
Menu\Programs\Startup\Acer VCM.lnk backup=c:\windows\pss\Acer VCM.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Danny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk] path=c:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk backup=c:\windows\pss\MagicDisc.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-18 07:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray] 2008-04-25 19:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2008-07-20 09:45 182808 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2008-11-10 04:43 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-02-14 21:12 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp] 2008-01-29 07:03 303104 ----a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe [HKEY_LOCAL_MACHINE\software\microsoft\security 
center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R1 MpKsl061a892d;MpKsl061a892d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl061a892d.sys [x] R1 MpKsl31ab6844;MpKsl31ab6844;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl31ab6844.sys [x] R1 MpKsl3306aa58;MpKsl3306aa58;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl3306aa58.sys [x] R1 MpKsl45d6610a;MpKsl45d6610a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl45d6610a.sys [x] R1 MpKsl5ddcdedc;MpKsl5ddcdedc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl5ddcdedc.sys [x] R1 MpKsl8c2cb156;MpKsl8c2cb156;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4CAE9E4-1DBB-4680-B96B-E0A3C1708667}\MpKsl8c2cb156.sys [x] R1 MpKsl9cbf7085;MpKsl9cbf7085;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsl9cbf7085.sys [x] R1 MpKslb0facd19;MpKslb0facd19;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9981F184-BFB9-4A65-B851-552B824D186E}\MpKslb0facd19.sys [x] R1 MpKslb805e55e;MpKslb805e55e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKslb805e55e.sys [x] R1 MpKsld14123a8;MpKsld14123a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5A4EAF4-8A59-4923-9282-56A944150554}\MpKsld14123a8.sys [x] R1 MpKsld4fa9316;MpKsld4fa9316;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4CAE9E4-1DBB-4680-B96B-E0A3C1708667}\MpKsld4fa9316.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 
gupdate1c98ee976a6d920;Google Updateservice (gupdate1c98ee976a6d920);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 133104] R3 hitmanpro3;Hitman Pro 3 Support Driver;c:\windows\system32\drivers\hitmanpro3.sys [x] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392] R3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-02-03 23096] R3 MusCVideo;MusCVideo;c:\windows\system32\DRIVERS\MusCVideo.sys [2009-02-03 3768] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-05-26 81704] R4 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R4 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2008-10-12 3602432] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072] R4 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472] S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2008-10-12 42608] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-17 691696] S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576] S3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 
Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576] S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 . Inhoud van de 'Gedeelde Taken' map 2011-02-02 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-14 21:08] 2011-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 21:15] 2011-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 21:15] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://nl.intl.acer.yahoo.com uInternet Settings,ProxyOverride = local;*.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\rzkbju6l.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . 
- - - - ORPHANS VERWIJDERD - - - - WebBrowser-{CD90BF73-20F6-44EF-993D-BB920303BD2E} - (no file) HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe HKLM-Run-eRecoveryService - (no file) MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe MSConfigStartUp-OneCareUI - c:\program files\Microsoft Windows OneCare Live\winssnotify.exe ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-2898258238-976231752-3870984009-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:29,6e,04,4d,4f,b9,c1,ab,37,87,cf,40,80,79,c4,f5,e8,1d,a9,42,0c,73,9c, 74,9c,e1,cb,07,8b,5f,e8,54,1d,a1,2d,e5,4d,c3,0f,58,79,53,b8,b4,5a,22,69,6a,\ "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50 [HKEY_USERS\S-1-5-21-2898258238-976231752-3870984009-1000\Software\SecuROM\License information*] "datasecu"=hex:36,5f,7b,df,00,e4,be,15,6a,57,0a,7f,4b,27,63,9c,be,1f,37,73,47, e7,4c,b3,4c,02,a7,98,85,6d,c3,3d,3f,8b,41,dd,79,d1,ae,29,06,1d,2f,96,2a,c1,\ "rkeysecu"=hex:e9,c4,af,ed,e0,f0,36,6f,55,e2,ab,71,6e,7b,79,81 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(5020) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\System32\SysHook.dll . 
------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\SPBA\upeksvr.exe c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\windows\system32\conime.exe c:\program files\Launch Manager\QtZgAcer.EXE c:\windows\system32\wbem\unsecapp.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\windows\ehome\ehmsas.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Voltooingstijd: 2011-02-02 14:27:37 - machine werd herstart ComboFix-quarantined-files.txt 2011-02-02 13:27 Pre-Run: 42.673.020.928 bytes beschikbaar Post-Run: 44.449.337.344 bytes beschikbaar - - End Of File - - 5410995E7C1CD775DAC78F1FCC925BB4 ------------------------------------------------------------------------

Thank you so very much!!! I had not expected that nowadays there were still people willing to help strangers without asking anything in return. Respect! I took my battery out and am now running on mains power only, and it works perfectly again! Performance is also much better again. Maybe I should put the battery back in sometime to see whether it freezes again, so that I know 100% for sure that it was the battery.
  10. Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Databaseversie: 5647
      Windows 6.0.6001 Service Pack 1
      Internet Explorer 8.0.6001.18999

      31/01/2011 15:40:18
      mbam-log-2011-01-31 (15-40-18).txt

      Scantype: Snelle scan
      Objecten gescand: 157691
      Verstreken tijd: 48 minuut/minuten, 42 seconde(n)

      Geheugenprocessen geïnfecteerd: 0
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 0
      Registerwaarden geïnfecteerd: 0
      Registerdata geïnfecteerd: 1
      Mappen geïnfecteerd: 7
      Bestanden geïnfecteerd: 6

      Geheugenprocessen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden geïnfecteerd:
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata geïnfecteerd:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

      Mappen geïnfecteerd:
      c:\Windows\System32\bycool (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\bycool1 (Worm.AutoIT) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d\e (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d\e\d (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d\e\d\h (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d\e\d\h\danny_17_01_2009_12_43_00 (Worm.AutoRun) -> Quarantined and deleted successfully.

      Bestanden geïnfecteerd:
      c:\programdata\iexplorer.exe (Worm.Autorun) -> Quarantined and deleted successfully.
      c:\Windows\System32\config\systemprofile\AppData\Roaming\iexplorer.exe (Worm.Autorun) -> Quarantined and deleted successfully.
      c:\Windows\System32\bycool\my.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\bycool\r.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d\e\d\h\danny_17_01_2009_12_43_00\17_01_2009.k (Worm.AutoRun) -> Quarantined and deleted successfully.
      c:\Windows\System32\f\d\e\d\h\danny_17_01_2009_12_43_00\comp.rar (Worm.AutoRun) -> Quarantined and deleted successfully.

      -------------------------------

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 15:44:19, on 31/01/2011
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v8.00 (8.00.6001.18999)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Launch Manager\QtZgAcer.EXE
      C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
      C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
      C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
      C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
      C:\Program Files\Microsoft Security Essentials\msseces.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
      C:\Windows\system32\wuauclt.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
      O1 - Hosts: ::1 localhost
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
      O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
      O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
      O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
      O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Startup: Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
      O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
      O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
      O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
      O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
      O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
      O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
      O23 - Service: Google Updateservice (gupdate1c98ee976a6d920) (gupdate1c98ee976a6d920) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

      -- End of file - 11100 bytes

      -----------------

      Thank you very much for the effort! I have Microsoft Security Essentials and did not know that I still had so many viruses. Now let's just hope that this is the cause of the problem. Thanks! What do I do next?
  11. Thanks! I did not get any administrator prompts, so I think this is OK:

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 14:00:09, on 30/01/2011
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v8.00 (8.00.6001.18999)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Launch Manager\QtZgAcer.EXE
      C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
      C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
      C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
      C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
      C:\Program Files\Microsoft Security Essentials\msseces.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
      C:\Windows\system32\wuauclt.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\tbVeo1.dll
      O1 - Hosts: ::1 localhost
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
      O2 - BHO: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\tbVeo1.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
      O3 - Toolbar: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\tbVeo1.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
      O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
      O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
      O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
      O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
      O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Startup: Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
      O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
      O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
      O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
      O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
      O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
      O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
      O23 - Service: Google Updateservice (gupdate1c98ee976a6d920) (gupdate1c98ee976a6d920) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

      -- End of file - 11618 bytes
  12. I have had an Acer Aspire 6930 with Windows Vista for 2.5 years now. It worked perfectly for a while, but in recent months I have been confronted with an annoying problem, and yesterday this problem became serious: the PC screen freezes as soon as the laptop has to do slightly more than the minimum effort. Because of this I always have to hold the power button for 5 seconds to switch it off. This only happens when the laptop is connected to mains power. When I work on the battery, this never happens. The battery is no longer in optimal condition, which makes the problem very annoying.

      For a long time I only had it when I started the PC on mains power. But that was not so bad; I then simply always started it on the battery. Yesterday, however, I saw that Acer ePower Management had the CPU speed on mains power set to the lowest level, just as low as when I work on the battery. Since I have long had the feeling that the laptop performs far below its capabilities, I moved this to the middle level. And that is when the problems started. It now also freezes while I am working, for example when I am in Word and on the internet. Or yesterday I installed Civilization V (but that has nothing to do with the freezing), and after about 2 minutes of playing it freezes. One time it lasted half an hour. I then set the setting back to the lowest level, but the problem remains. Just now I was simply typing, entering the confirmation link for pc-helpforum.be, which was enough for my laptop to freeze yet again.

      I thought it might be because there was too much dust inside, and I opened it up very carefully; it turned out that this was not bad at all. The temperatures are also fairly high, I think, but still normal.

      In short: it underperforms heavily, freezes immediately when the CPU tasks get slightly heavier, and this only happens when connected to mains power. Who can help me? I do have some understanding of PCs, but I fear I should still be regarded as a rookie.

      Thanks very much in advance.
      Danny