Ga naar inhoud

suske

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    47

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door suske

  1. suske
    hallo , yes , yes , yes !!!!!!!! ! probleem helemaal opgelost , heb er de versie "windows 7 opgezet en alles is terug pico bello , toch een hééle dikke mercie voor de hulp die jullie mij hebben gegeven.;-) groetjes suske ,
  2. suske
    oké , zal dat eens proberen indien het in orde is zal ik jullie iets laten weten en van harte bedankt om de goede hulp die ik van jullie heb gekregen . ;-) groetjes suske ,
  3. suske
    nee niks , alleen smart restore en alleen maar met herstelschijf
  4. suske
    smart restore heeft niet geholpen er was ook geen herstel cd bij , hoe kan ik dan de fabrieksinstellingen terugzetten ? en de recovery cd die ik heb gemaakt in het begin dan krijg ik de nota dat die niet meer werkt.
  5. suske
    hallo , tja goede vraag van "waar heb ik dit gevonden" niet op internet in ieder geval , wanneer ik systeemherstel wou gebruiken kreeg ik een bericht dat het niet "compatibel" is. ik heb de handleiding ook doorgenomen van "windows vista" en daar staat dat ik met "smartrestore" het ook kan verhelpen , maar... hoe het daar staat uitgelegd ? daar vind ik op de pc niks van terug , ja "smartstore" het programma wel maar niet zoals in de beschrijvig. ---------- Post toegevoegd om 11:14 ---------- Vorige post was om 11:07 ---------- dit is wat er in staat en wat ik niet terugvind. smartrestore starten 1.Sla uw werk op en sluit alle actieve toepassingen. 2.VanuitWindows klikt u op Start, selecteert u Programma's en Hulpprogramma's en klikt u opSmartRestore. Ophet hoofdscherm van SmartRestore vindt u drie tabbladen: • Software (standaardtab):voor het verwijderen en opnieuw installeren van software, • Hardware: voor het verwijderen enopnieuw installeren van door Packard Bell geleverdehardware, • Hulpprogramma's: om controles enonderhoud op uw systeem uit te voeren. [TABLE] [TR] [TD=bgcolor: transparent] [/TD] [/TR] [/TABLE]
  6. suske
    hallo , na veel zoeken ben ik erachter gekomen dat het een probleem met de "Compatibiliteit" zou zijn. nu snap ik er niks meer van, en hoe los ik dit op ?
  7. suske
    hallo , kan het zijn dat ik met de recovery cd die ik in het begin gemaakt hebt , dat ik de vroegere instellingen kan terug zetten ? en hoe begin ik daaraan ?
  8. suske
    goedemorgen , ik wou eens weten of er een oplossing bestaat voor het download probleem?
  9. suske
    ja met allemaal , en nu ook de linken als ik een mail ontvang die gaat wel open maar het is een blanco blad.
  10. suske
    hallo , het probleem is nog altijd niet opgelost alles is gescand en toch kan ik niet downloaden. ik weet het niet meer, is er nog wel een oplossing ?
  11. suske
    hallo , op die locatie is dit C:\Program Files\EsetOnlineScanner\log.txt niet te vinden ---------- Post toegevoegd om 11:36 ---------- Vorige post was om 11:30 ---------- dit is de scanner die ik gedaan heb met "eset" C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Program Files\Search Settings\SearchSettings.dll.vir Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Program Files\Search Settings\SearchSettings.exe.vir Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Program Files\Search Settings\SearchSettingsRes409.dll.vir Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined C:\Users\suske\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007d Win32/Adware.Toolbar.Dealio application deleted - quarantined C:\Users\suske\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009c Win32/OpenCandy application deleted - quarantined C:\Users\suske\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\746c6e3d-4f9f6e42 Java/TrojanDownloader.Agent.NCM trojan deleted - quarantined C:\Users\suske\Documents\Downloads\frostwire-4.18.0.windows.exe Win32/OpenCandy application deleted - quarantined C:\Users\suske\Documents\Downloads\Setup_FreeFlvConverter.exe Win32/Adware.Toolbar.Dealio application deleted - quarantined C:\Users\suske\Documents\LimeWire\Saved\suske 1\highland fling.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined C:\Users\suske\Documents\LimeWire\Saved\suske 1\Shania Twain - Party for Two with Billy Currington (Country Version with intro).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
  12. suske
    op die locatie is dit C:\Program Files\EsetOnlineScanner\log.txt niet te vinden
  13. suske
    logje "eset" ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK is da alles wat er in staat ?
  14. suske
    der staat niks in ? ---------- Post toegevoegd om 12:11 ---------- Vorige post was om 12:03 ---------- zelfs het logbestand van avg 8 is leeg
  15. suske
    kan het zelfs niet opgeslagen krijgen ? dus vind ook geen bestand , en de anti virus is avg ---------- Post toegevoegd om 11:35 ---------- Vorige post was om 11:33 ---------- nog een probleem bij nu krijg ik zelfs de linken niet meer open als ik jullie mail terugkrijg ook niet van andere linken ??
  16. suske
    néééééééé , krijg nog altijd dezelfde melding vb : "i tunes.exe. bevatte een virus en is verwijderd
  17. suske
    hopelijk is het nu gelukt , ComboFix 11-10-03.01 - suske 04/10/2011 9:41.14.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.32.1043.18.2686.1402 [GMT 2:00] Gestart vanuit: C:\ComboFix.exe gebruikte Opdracht switches :: c:\users\suske\Desktop\CFScript.txt..txt AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\msdownld.tmp" "c:\windows\system32\ConduitEngine.tmp" "c:\windows\System32\drivers\acaeh.sys" "c:\windows\System32\drivers\xlnk.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\ESET c:\program files\ESET\ESET Online Scanner\esets_apiA.dll c:\program files\ESET\ESET Online Scanner\esets_apiW.dll c:\program files\ESET\ESET Online Scanner\esets_apiW_a.dll c:\program files\ESET\ESET Online Scanner\ESETSmartInstaller.exe c:\program files\ESET\ESET Online Scanner\log.txt c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod04E5.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod06E7.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod076F.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod0D62.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod0F3C.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod1B67.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod1F7A.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod4E34.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod5343.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod58DA.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod5CC5.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6FA3.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod71C0.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod7668.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod76D6.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod79C7.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod7B7E.nup c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em001_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em003_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em004_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em005_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver c:\program files\ESET\ESET Online Scanner\Modules\em000_32.dat c:\program files\ESET\ESET Online Scanner\Modules\em001_32.dat c:\program files\ESET\ESET Online Scanner\Modules\em002_32.dat c:\program files\ESET\ESET Online Scanner\Modules\em003_32.dat c:\program files\ESET\ESET Online Scanner\Modules\em004_32.dat c:\program files\ESET\ESET Online Scanner\Modules\em005_32.dat c:\program files\ESET\ESET Online Scanner\Modules\em006_32.dat c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe c:\program files\ESET\ESET Online Scanner\OnlineScanner.inf c:\program files\ESET\ESET Online Scanner\OnlineScanner.ocx c:\program files\ESET\ESET Online Scanner\OnlineScanner64.ocx c:\program files\ESET\ESET Online Scanner\OnlineScannerApp.exe c:\program files\ESET\ESET Online Scanner\OnlineScannerLang.dll c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe c:\program files\ESET\ESET Online Scanner\unicows.dll c:\windows\system32\ConduitEngine.tmp . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_oxgijw -------\Service_ylygcak . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-04 to 2011-10-04 )))))))))))))))))))))))))))))) . . 2011-10-04 08:07 . 2011-10-04 08:16 -------- d-----w- c:\users\suske\AppData\Local\temp 2011-10-04 08:07 . 2011-10-04 08:07 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\users\suske\AppData\Roaming\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\programdata\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-20 09:08 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-20 08:03 . 2011-09-20 08:03 388096 ----a-r- c:\users\suske\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-20 08:03 . 2011-09-20 08:03 -------- d-----w- c:\program files\Trend Micro 2011-09-18 09:06 . 2011-09-18 09:06 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2011-09-18 09:06 . 2011-09-18 09:07 -------- d-----w- c:\program files\AVG Secure Search 2011-09-17 12:31 . 2011-09-17 12:33 -------- d--h--w- c:\windows\msdownld.tmp 2011-09-17 10:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-26 15:04 . 2011-05-22 03:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-08-25 11:21 . 2011-08-25 11:21 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-22 02:54 . 2011-08-20 07:37 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 02:48 . 2011-08-20 07:37 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 02:44 . 2011-08-20 07:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-11 13:25 . 2011-08-25 08:58 2048 ----a-w- c:\windows\system32\tzres.dll 2011-07-06 15:31 . 2011-08-19 06:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2011-09-18 09:06 1451336 ----a-w- c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2011-09-18 1451336] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-09-22 366024] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-21 202024] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208] "Skytel"="Skytel.exe" [2007-08-03 1826816] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-08-31 660136] "lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-08-31 16040] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2009-08-31 320168] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-09-18 218440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-08-21 13:52 1422632 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-08-18 23:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-08-17 05:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-08-03 05:22 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys] 2008-02-04 09:13 1038136 ----a-w- c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-04-20 20:57 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-03-01 13:24 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:35 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504] R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-09-26 1355520] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256] S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2009-08-13 594600] S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2009-08-13 98984] S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-09-17 24576] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-18 246600] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Inhoud van de 'Gedeelde Taken' map . 2011-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-04 c:\windows\Tasks\Uitgebreide garantie-suske.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-14 09:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 195.130.131.129 195.130.130.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe . . . ************************************************************************** scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: . ************************************************************************** . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\ATK Hotkey\ASLDRSrv.exe c:\windows\System32\LEXBCES.EXE c:\windows\System32\LEXPPS.EXE c:\program files\ATK Hotkey\Hcontrol.exe c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Windows Live\Family Safety\fsssvc.exe c:\program files\ATK Hotkey\ATKOSD.exe c:\windows\system32\spool\DRIVERS\W32X86\3\lxdnserv.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\system32\IoctlSvc.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\AVG\AVG10\avgnsx.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conime.exe . ************************************************************************** . Voltooingstijd: 2011-10-04 10:19:34 - machine werd herstart ComboFix-quarantined-files.txt 2011-10-04 08:19 ComboFix2.txt 2011-10-03 11:08 ComboFix3.txt 2011-10-03 10:18 ComboFix4.txt 2011-10-01 18:27 ComboFix5.txt 2011-10-04 07:38 . Pre-Run: 126.200.524.800 bytes beschikbaar Post-Run: 125.837.811.712 bytes beschikbaar . - - End Of File - - 857754A2E639D2FEF61C231B3752ACEB
  18. suske
    zo staat het op mijn bureaublad CFScript.txt. snelkoppeling
  19. suske
    maar als ik dit bestand c:\users\suske\Desktop\CFScript.txt..lnk. opsla in documenten dan verwijder ik de "ink" en dan komt da no ni goe sorrry ???
  20. suske
    hopelijk is het gelukt ComboFix 11-10-02.03 - suske 03/10/2011 12:57:42.13.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.32.1043.18.2686.1607 [GMT 2:00] Gestart vanuit: C:\ComboFix.exe gebruikte Opdracht switches :: c:\users\suske\Desktop\CFScript.txt..lnk AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-03 to 2011-10-03 )))))))))))))))))))))))))))))) . . 2011-10-03 11:05 . 2011-10-03 11:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-03 11:05 . 2011-10-03 11:05 -------- d-----w- c:\users\suske\AppData\Local\temp 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\users\suske\AppData\Roaming\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\programdata\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-20 09:08 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-20 08:03 . 2011-09-20 08:03 388096 ----a-r- c:\users\suske\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-20 08:03 . 2011-09-20 08:03 -------- d-----w- c:\program files\Trend Micro 2011-09-18 09:06 . 2011-09-18 09:06 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2011-09-18 09:06 . 2011-09-18 09:07 -------- d-----w- c:\program files\AVG Secure Search 2011-09-17 12:54 . 2011-09-17 12:54 -------- d-----w- c:\program files\ESET 2011-09-17 12:31 . 2011-09-17 12:33 -------- d--h--w- c:\windows\msdownld.tmp 2011-09-17 10:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-26 15:04 . 2011-05-22 03:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-08-25 11:21 . 2011-08-25 11:21 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-24 09:19 . 2011-07-24 09:19 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-07-22 02:54 . 2011-08-20 07:37 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 02:48 . 2011-08-20 07:37 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 02:44 . 2011-08-20 07:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-11 13:25 . 2011-08-25 08:58 2048 ----a-w- c:\windows\system32\tzres.dll 2011-07-06 15:31 . 2011-08-19 06:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2011-09-18 09:06 1451336 ----a-w- c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2011-09-18 1451336] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-09-22 366024] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-21 202024] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208] "Skytel"="Skytel.exe" [2007-08-03 1826816] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-08-31 660136] "lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-08-31 16040] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2009-08-31 320168] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-09-18 218440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-08-21 13:52 1422632 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-08-18 23:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-08-17 05:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-08-03 05:22 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys] 2008-02-04 09:13 1038136 ----a-w- c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-04-20 20:57 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-03-01 13:24 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:35 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R0 oxgijw;oxgijw;c:\windows\System32\drivers\xlnk.sys [x] R0 ylygcak;ylygcak;c:\windows\System32\drivers\acaeh.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504] R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-09-26 1355520] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256] S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2009-08-13 594600] S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2009-08-13 98984] S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-09-17 24576] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-18 246600] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Inhoud van de 'Gedeelde Taken' map . 2011-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-03 c:\windows\Tasks\Uitgebreide garantie-suske.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-14 09:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-03 13:05 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2011-10-03 13:08:31 ComboFix-quarantined-files.txt 2011-10-03 11:08 ComboFix2.txt 2011-10-03 10:18 ComboFix3.txt 2011-10-01 18:27 ComboFix4.txt 2011-10-01 07:50 ComboFix5.txt 2011-10-03 10:35 . Pre-Run: 129.040.265.216 bytes beschikbaar Post-Run: 129.009.364.992 bytes beschikbaar . - - End Of File - - 0B5D3705CF90695D8D7A876217645B06
  21. suske
    staat nu op de harde schijf "c" moet ik terug een nieuw logje maken ? ---------- Post toegevoegd om 10:57 ---------- Vorige post was om 10:48 ---------- heb het op de c gezet maar in welke map moet ik dit zetten ? in programfiles ? want er staat een lege map in van combofix en als ik dit er in zet dan verwijst hij mij dat deze naam niet overeen komt "combo fix" als ik de naam dan verander in CFScript krijg ik de mededeling dat sommige programmas niet meer zouden werken .
  22. suske
    hallo suske, ComboFix 11-10-01.03 - suske 01/10/2011 19:56:46.10.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.32.1043.18.2686.1627 [GMT 2:00] Gestart vanuit: E:\ComboFix.exe gebruikte Opdracht switches :: E:\CFScript.txt. AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-01 to 2011-10-01 )))))))))))))))))))))))))))))) . . 2011-10-01 18:24 . 2011-10-01 18:24 -------- d-----w- c:\users\suske\AppData\Local\temp 2011-10-01 18:24 . 2011-10-01 18:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\users\suske\AppData\Roaming\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\programdata\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-20 09:08 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-20 08:03 . 2011-09-20 08:03 388096 ----a-r- c:\users\suske\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-20 08:03 . 2011-09-20 08:03 -------- d-----w- c:\program files\Trend Micro 2011-09-18 09:06 . 2011-09-18 09:06 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2011-09-18 09:06 . 2011-09-18 09:07 -------- d-----w- c:\program files\AVG Secure Search 2011-09-17 12:54 . 2011-09-17 12:54 -------- d-----w- c:\program files\ESET 2011-09-17 12:31 . 2011-09-17 12:33 -------- d--h--w- c:\windows\msdownld.tmp 2011-09-17 10:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-09-02 07:35 . 2011-09-02 07:35 -------- d-----w- c:\users\suske\Documents steaker . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-26 15:04 . 2011-05-22 03:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-08-25 11:21 . 2011-08-25 11:21 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-24 09:19 . 2011-07-24 09:19 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-07-22 02:54 . 2011-08-20 07:37 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 02:48 . 2011-08-20 07:37 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 02:44 . 2011-08-20 07:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-11 13:25 . 2011-08-25 08:58 2048 ----a-w- c:\windows\system32\tzres.dll 2011-07-06 15:31 . 2011-08-19 06:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2011-09-18 09:06 1451336 ----a-w- c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2011-09-18 1451336] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-09-22 366024] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-21 202024] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208] "Skytel"="Skytel.exe" [2007-08-03 1826816] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-08-31 660136] "lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-08-31 16040] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2009-08-31 320168] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-09-18 218440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-08-21 13:52 1422632 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-08-18 23:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-08-17 05:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-08-03 05:22 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys] 2008-02-04 09:13 1038136 ----a-w- c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-04-20 20:57 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-03-01 13:24 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:35 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R0 oxgijw;oxgijw;c:\windows\System32\drivers\xlnk.sys [x] R0 ylygcak;ylygcak;c:\windows\System32\drivers\acaeh.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504] R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-09-26 1355520] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256] S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2009-08-13 594600] S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2009-08-13 98984] S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-09-17 24576] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-18 246600] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Inhoud van de 'Gedeelde Taken' map . 2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-01 c:\windows\Tasks\Uitgebreide garantie-suske.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-14 09:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-01 20:24 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2011-10-01 20:27:22 ComboFix-quarantined-files.txt 2011-10-01 18:27 ComboFix2.txt 2011-10-01 07:50 ComboFix3.txt 2011-09-30 15:55 ComboFix4.txt 2011-09-30 15:07 ComboFix5.txt 2011-10-01 17:54 . Pre-Run: 129.559.867.392 bytes beschikbaar Post-Run: 129.526.190.080 bytes beschikbaar . - - End Of File - - CFAC0A2F1A5BB91A7C6C9AE03EC61E1F Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:26:41 , on 2/10/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Lexmark 2600 Series\lxdnmon.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- End of file - 9629 bytes
  23. suske
    goeiemorgen suske , hopelijk is dit het goede ComboFix 11-10-01.03 - suske 01/10/2011 19:56:46.10.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.32.1043.18.2686.1627 [GMT 2:00] Gestart vanuit: E:\ComboFix.exe gebruikte Opdracht switches :: E:\CFScript.txt. AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-01 to 2011-10-01 )))))))))))))))))))))))))))))) . . 2011-10-01 18:24 . 2011-10-01 18:24 -------- d-----w- c:\users\suske\AppData\Local\temp 2011-10-01 18:24 . 2011-10-01 18:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\users\suske\AppData\Roaming\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\programdata\Malwarebytes 2011-09-20 09:08 . 2011-09-20 09:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-20 09:08 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-20 08:03 . 2011-09-20 08:03 388096 ----a-r- c:\users\suske\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-09-20 08:03 . 2011-09-20 08:03 -------- d-----w- c:\program files\Trend Micro 2011-09-18 09:06 . 2011-09-18 09:06 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2011-09-18 09:06 . 2011-09-18 09:07 -------- d-----w- c:\program files\AVG Secure Search 2011-09-17 12:54 . 2011-09-17 12:54 -------- d-----w- c:\program files\ESET 2011-09-17 12:31 . 2011-09-17 12:33 -------- d--h--w- c:\windows\msdownld.tmp 2011-09-17 10:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-09-02 07:35 . 2011-09-02 07:35 -------- d-----w- c:\users\suske\Documents steaker . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-26 15:04 . 2011-05-22 03:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-08-25 11:21 . 2011-08-25 11:21 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-24 09:19 . 2011-07-24 09:19 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2011-07-22 02:54 . 2011-08-20 07:37 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 02:48 . 2011-08-20 07:37 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 02:44 . 2011-08-20 07:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-11 13:25 . 2011-08-25 08:58 2048 ----a-w- c:\windows\system32\tzres.dll 2011-07-06 15:31 . 2011-08-19 06:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2011-09-18 09:06 1451336 ----a-w- c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2011-09-18 1451336] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-09-22 366024] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-21 202024] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208] "Skytel"="Skytel.exe" [2007-08-03 1826816] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-08-31 660136] "lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-08-31 16040] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2009-08-31 320168] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2011-05-13 884584] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-09-18 218440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-08-21 13:52 1422632 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-08-18 23:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-08-17 05:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-08-03 05:22 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys] 2008-02-04 09:13 1038136 ----a-w- c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-04-20 20:57 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-03-01 13:24 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:35 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R0 oxgijw;oxgijw;c:\windows\System32\drivers\xlnk.sys [x] R0 ylygcak;ylygcak;c:\windows\System32\drivers\acaeh.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504] R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-09-26 1355520] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256] S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2009-08-13 594600] S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2009-08-13 98984] S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-09-17 24576] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-18 246600] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Inhoud van de 'Gedeelde Taken' map . 2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 17:01] . 2011-10-01 c:\windows\Tasks\Uitgebreide garantie-suske.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-14 09:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-01 20:24 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2011-10-01 20:27:22 ComboFix-quarantined-files.txt 2011-10-01 18:27 ComboFix2.txt 2011-10-01 07:50 ComboFix3.txt 2011-09-30 15:55 ComboFix4.txt 2011-09-30 15:07 ComboFix5.txt 2011-10-01 17:54 . Pre-Run: 129.559.867.392 bytes beschikbaar Post-Run: 129.526.190.080 bytes beschikbaar . - - End Of File - - CFAC0A2F1A5BB91A7C6C9AE03EC61E1F hijack Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:26:41 , on 2/10/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Lexmark 2600 Series\lxdnmon.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- End of file - 9629 bytes
  24. suske
    dus als ik het goed heb begrepen het scriptje opslaan op usb (is gebeurt) en moet ik het scriptje vanuit usb dan slepen of ni? pfff ....... toch wel proficiat voor jullie hoor , omdat je met zoveel vragen van "leken" te maken krijgt en jullie je geduld ni verliezen
  25. suske
    momentje suske , wat is c-partitie ? en hoe bedoel je op welke drive ? de combo fix die staat op mijn ucb stick want anders kan ik er niets mee aanvangen ,en omdat ik niets kan downloaden , dus als ik zowel combo als hijack wil activeren is dit met hulp van de usb.
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.