misteragga

Member
  • Items

    1.738
  • Registration date

  • Last visited

Everything posted by misteragga

  1. I wanted to know whether my hardware is up to date. My touchpad sometimes gives an error message saying the program has stopped working and it is then closed, and my Num Lk / Scr Lk suddenly goes off.
  2. How long is Windows Vista valid, then, for a legal version that you buy in a store?
  3. OK, thank you very much for your help. I will mark this as solved.
  4. OK, can I remove the rest of the programs, such as HijackThis, ComboFix and Malwarebytes? ---------- Post added at 19:09 ---------- Previous post was at 19:05 ---------- And when I start up my PC, it first asks for confirmation to let CCleaner proceed. Is that normal? Can I leave it like that?
  5. I had another question: what is the best program for deleting all your history every time you log off from Windows? I was using IE Privacy Keeper, but yesterday I installed CCleaner. Do I still need to configure it, or just leave it at the default settings it was installed with?
  6. This is the Malwarebytes log:

     Malwarebytes' Anti-Malware 1.41
     Database versie: 2947
     Windows 6.0.6002 Service Pack 2

     13-10-2009 15:31:07
     mbam-log-2009-10-13 (15-31-07).txt

     Scan type: Snelle Scan
     Objecten gescand: 87122
     Verstreken tijd: 2 minute(s), 42 second(s)

     Geheugenprocessen geïnfecteerd: 0
     Geheugenmodulen geïnfecteerd: 0
     Registersleutels geïnfecteerd: 0
     Registerwaarden geïnfecteerd: 0
     Registerdata bestanden geïnfecteerd: 0
     Mappen geïnfecteerd: 0
     Bestanden geïnfecteerd: 0

     Geheugenprocessen geïnfecteerd:
     (Geen kwaadaardige items gevonden)

     Geheugenmodulen geïnfecteerd:
     (Geen kwaadaardige items gevonden)

     Registersleutels geïnfecteerd:
     (Geen kwaadaardige items gevonden)

     Registerwaarden geïnfecteerd:
     (Geen kwaadaardige items gevonden)

     Registerdata bestanden geïnfecteerd:
     (Geen kwaadaardige items gevonden)

     Mappen geïnfecteerd:
     (Geen kwaadaardige items gevonden)

     Bestanden geïnfecteerd:
     (Geen kwaadaardige items gevonden)
  7. And this is the ComboFix log
  8. This is the new log
  9. I can't remove certain things; how can I show that?
  10. This is the hijack log
  11. I wanted to have another one checked, to see whether I have viruses or the like in my system
  12. OK, then I'll do that right now and have this forum closed. A thousand thanks
  13. OK, but I did do everything that was said. I do see results: faster response and so on. Everything that was not right has been removed, registry keys etc. But I still had a question: I have one last PC that needs to be checked with the hijack log etc., but do I have to open a new forum for that again, or can I just do that here?
  14. Hmm, I do notice some difference, but I don't know whether my laptop restarts. Couldn't it be seen in the logs why the laptop doesn't restart? Or shall I try it to see whether it does restart now? ---------- Post added at 18:07 ---------- Previous post was at 18:05 ---------- My CPU is also behaving strangely: when I start Explorer, the CPU suddenly goes up and down. I know that Explorer asks for a lot of processing power, but then again I don't know whether what it is taking now is too much
  15. This is the ComboFix log
Inhoud van de 'Gedeelde Taken' map 2009-10-12 c:\windows\Tasks\User_Feed_Synchronization-{67EB4E3E-CEC7-4233-A647-E5020555F09D}.job - c:\windows\system32\msfeedssync.exe [2009-09-22 20:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://nl.intl.acer.yahoo.com . - - - - ORPHANS VERWIJDERD - - - - HKLM-Run-eRecoveryService - (no file) AddRemove-Yahoo! Toolbar - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-10-12 14:23 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
Voltooingstijd: 2009-10-12 14:25 ComboFix-quarantined-files.txt 2009-10-12 12:25 Pre-Run: 95.684.366.336 bytes beschikbaar Post-Run: 95.657.713.664 bytes beschikbaar 286 --- E O F --- 2009-10-02 23:28 de combofix file ---------- Post toegevoegd om 14:36 ---------- Vorige post was om 14:32 ---------- dit bestand kan ik niet vinden C:\PrograA ---------- Post toegevoegd om 14:38 ---------- Vorige post was om 14:36 ---------- en dit is de hijack file Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:37:33, on 12-10-2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe D:\program files\Alwil Software\ashDisp.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\ScanSoft\priter\OpWareSE4.exe D:\program files\UnH SolutionsIE Privacy Keeper\IE Privacy Keeper\IEPrivacyKeeper.exe C:\Windows\system32\conime.exe C:\Windows\Explorer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe D:\program files\Nieuwe map\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [avast!] 
D:\PROGRA~1\ALWILS~1\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\priter\OpwareSE4.exe" O4 - HKCU\..\Run: [iE Privacy Keeper] "D:\program files\UnH SolutionsIE Privacy Keeper\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\program files\Alwil Software\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - D:\program files\Alwil Software\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - D:\program files\Alwil Software\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - D:\program files\Alwil Software\ashWebSv.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. 
- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7837 bytes
  16. okay, I will do that; sorry again for my impatience, I will take it more into account :$
  17. sorry for my impatience, I will carry out the action later; I am not available for a moment right now
  18. I have no idea; is it always the case that you get a reply later? I am new here, you see
  19. this is the mbam file ---------- Post added at 20:56 ---------- Previous post was at 20:52 ---------- this is the hijack file
  20. I had a quick question: is this site free if you open a forum?