Ga naar inhoud

[OPGELOST] Generic14.ADVK + Mirartoolbalk


 Delen

Aanbevolen berichten

hey! ik heb reeds een week de mirartoolbalk op mijn pc staan maar krijg hem er langs geen kanten af! krijg hem niet verwijdert uit de software dus heb ik mijn spybotprogramma laten scannen maar die vind niks! toen heb ik adaware gedownload, die vond wel enkele trojans maar geen mirar te bespeuren! Nadien heb ik dan maar AVG gedownload maar die geeft nu regelmatig een melding van trojaans paard Generic14.ADVK. Ik krijg deze beide dingen dus niet van mijn pc! Ik heb reeds en Hijackthis logje gemaakt, hier onder plaats ik het even. Zou iemand mij kunnen helpen aub?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:29:58, on 2/09/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe

C:\Program Files\iWin Games\iWinGamesInstaller.exe

C:\Program Files\iWin Games\iWinTrusted.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Gebruiker\Application Data\DealAssistant\DealAssistant.exe

C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe

C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\AVG\AVG8\avgui.exe

C:\Program Files\AVG\AVG8\avgscanx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Mirar=

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Mirar=

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - *{C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Mirar - {568B8CC3-DC0C-4682-9E6C-1CA537699FC5} - C:\WINDOWS\system32\win5e78.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: MegaSwellAdsForYou - {B8AFA6F8-90AF-2466-C153-04043912FFBC} - C:\Program Files\MegaSwellAdsForYou\MegaSwellAdsForYou.dll (file missing)

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Mirar - {568B8CC2-DC0C-4682-9E6C-1CA537699FC5} - C:\WINDOWS\system32\win5e78.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\RunOnce: [isDeleteMe] "C:\WINDOWS\system32\cmd.exe" /c "C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\isDel.bat"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sfKg6wIPuSpdcduD7] C:\Documents and Settings\Gebruiker\Application Data\Microsoft\Windows\gragde.exe

O4 - HKCU\..\Run: [DealAssistant] C:\Documents and Settings\Gebruiker\Application Data\DealAssistant\DealAssistant.exe

O4 - Global Startup: Ashampoo Magic Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe

O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Home%20Sweet%20Home/Images/stg_drm.ocx

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate1c9b83d16e7dc9) (gupdate1c9b83d16e7dc9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iWinGamesInstaller - iWin Inc. - C:\Program Files\iWin Games\iWinGamesInstaller.exe

O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\SPTISRV.exe

--

End of file - 9977 bytes

MVG Ilse

Link naar reactie
Delen op andere sites


Ga naar Start - Uitvoeren en tik in: sc stop iWinTrusted

Druk op Enter.

Ga naar Start - Uitvoeren en tik in: sc delete iWinTrusted

Druk op Enter.

Ga naar Start - Uitvoeren en tik in: sc stop iWinGamesInstaller

Druk op Enter.

Ga naar Start - Uitvoeren en tik in: sc delete iWinGamesInstaller

Druk op Enter.

Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Mirar=

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Mirar=

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askR...68&gct=&gc=1&q=

R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - *{C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: Mirar - {568B8CC3-DC0C-4682-9E6C-1CA537699FC5} - C:\WINDOWS\system32\win5e78.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: MegaSwellAdsForYou - {B8AFA6F8-90AF-2466-C153-04043912FFBC} - C:\Program Files\MegaSwellAdsForYou\MegaSwellAdsForYou.dll (file missing)

O3 - Toolbar: Mirar - {568B8CC2-DC0C-4682-9E6C-1CA537699FC5} - C:\WINDOWS\system32\win5e78.dll

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunOnce: [isDeleteMe] "C:\WINDOWS\system32\cmd.exe" /c "C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\isDel.bat"

O4 - HKCU\..\Run: [sfKg6wIPuSpdcduD7] C:\Documents and Settings\Gebruiker\Application Data\Microsoft\Windows\gragde.exe

O4 - HKCU\..\Run: [DealAssistant] C:\Documents and Settings\Gebruiker\Application Data\DealAssistant\DealAssistant.exe

O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Home%20Sw...es/stg_drm.ocx

Klik op 'Fix checked' om de items te verwijderen.

Verwijder volgende vetgedrukte mappen met Windows Verkenner :

C:\Program Files\MegaSwellAdsForYou

C:\Documents and Settings\Gebruiker\Application Data\DealAssistant

Download MBAM (Malwarebytes' Anti-Malware).

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder). De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computeropnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

Link naar reactie
Delen op andere sites

geachte,

bedankt voor u antwoord! ik vind echter de mappen megaSwellAdsForYou en dealassistent niet, ik heb het via zoeken gedaan en krijg geen resultaten...

mvg

Ilse

---------- Post toegevoegd om 15:34 ---------- Vorige post was om 15:31 ----------

oja en:

O4 - HKLM\..\RunOnce: [isDeleteMe] "C:\WINDOWS\system32\cmd.exe" /c "C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\isDel.bat"

stond er niet meer tussen daarnet, is dat erg?

Link naar reactie
Delen op andere sites


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:08:33, on 3/09/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe

C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Program Files\AVG\AVG8\avgui.exe

C:\Program Files\AVG\AVG8\avgscanx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Ashampoo Magic Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate1c9b83d16e7dc9) (gupdate1c9b83d16e7dc9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\SPTISRV.exe

--

End of file - 8215 bytes

---------- Post toegevoegd om 17:20 ---------- Vorige post was om 17:12 ----------

ps: mijn mirartoolbalk is al wel uit de internet explorer verdwenen maar zit nu enkel nog in mijn software.

Link naar reactie
Delen op andere sites

ps: mijn mirartoolbalk is al wel uit de internet explorer verdwenen maar zit nu enkel nog in mijn software.
Dat is al een flinke verbetering. Je logje ziet er trouwens prima uit :-)

Nog even een stapje verder zetten :

Download Combofix naar je Bureaublad.

Lees hier meer over correct gebruik van Combofix.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!


  • Dubbelklik op Combofix.exe om het te starten.
    Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
    Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
    Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
    Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
    Klik na afloop terug op Ja om het scannen op malware te starten.
    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord.

Link naar reactie
Delen op andere sites


ComboFix 09-09-03.02 - Gebruiker 04/09/2009 17:36.1.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.479.162 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Gebruiker\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\docume~1\GEBRUI~1\APPLIC~1\.#

c:\documents and settings\Gebruiker\Menu Start\Programma's\PlayMP3z

c:\documents and settings\Gebruiker\Menu Start\Programma's\PlayMP3z\Run PlayMP3z.pif

c:\program files\AskSearch\bin\DefaultSearch.dll

c:\program files\Uninstall Fun Web Products.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-08-04 to 2009-09-04 ))))))))))))))))))))))))))))))

.

2009-09-03 16:58 . 2009-09-03 16:58 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJSolutionMenu

2009-09-03 16:57 . 2009-09-03 16:57 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJMyPrinter

2009-09-03 16:57 . 2009-09-04 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM

2009-09-03 16:53 . 2009-09-03 16:53 -------- d-----w- c:\program files\Common Files\CANON

2009-09-03 16:46 . 2009-09-03 16:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ

2009-09-03 16:44 . 2008-10-08 20:00 230912 ----a-w- c:\windows\system32\CNMLM9E.DLL

2009-09-03 16:44 . 2009-09-03 16:44 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2009-09-03 16:43 . 2007-03-15 05:12 188416 ----a-w- c:\windows\system32\CNC540O.DLL

2009-09-03 16:43 . 2008-05-30 00:27 270336 ----a-w- c:\windows\system32\CNC540L.DLL

2009-09-03 16:43 . 2008-04-07 05:58 1339392 ----a-w- c:\windows\system32\CNC540C.DLL

2009-09-03 16:43 . 2008-04-07 05:58 98304 ----a-w- c:\windows\system32\CNC540I.DLL

2009-09-03 16:42 . 2009-09-03 16:42 -------- d--h--w- c:\program files\CanonBJ

2009-09-03 16:35 . 2009-09-03 17:22 -------- d-----w- c:\program files\IKEA HomePlanner

2009-09-03 16:31 . 2009-09-03 16:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-09-02 17:29 . 2009-09-02 17:29 -------- d-----w- c:\program files\Trend Micro

2009-09-02 16:08 . 2009-09-03 16:24 -------- d--h--w- C:\$AVG8.VAULT$

2009-09-02 16:04 . 2009-09-02 16:04 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-09-02 16:04 . 2009-09-02 16:04 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2009-09-02 16:04 . 2009-09-02 16:04 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-09-02 16:04 . 2009-09-02 16:04 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2009-09-02 16:01 . 2009-09-04 15:12 -------- d-----w- c:\windows\system32\drivers\Avg

2009-09-02 16:01 . 2009-09-02 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar

2009-09-02 15:59 . 2009-09-02 15:59 -------- d-----w- c:\program files\AVG

2009-09-02 15:59 . 2009-09-03 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-09-02 15:47 . 2009-09-02 15:47 -------- d-----w- c:\docume~1\GEBRUI~1\APPLIC~1\AVG8

2009-08-31 15:17 . 2009-08-31 14:38 15688 ----a-w- c:\windows\system32\lsdelete.exe

2009-08-31 14:38 . 2009-08-31 14:37 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-08-31 14:35 . 2009-08-31 14:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}

2009-08-31 14:34 . 2009-08-31 14:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-08-31 14:34 . 2009-08-31 14:34 -------- d-----w- c:\program files\Lavasoft

2009-08-26 14:56 . 2009-08-26 14:56 -------- d--h--w- c:\windows\PIF

2009-08-26 14:55 . 2009-09-03 12:20 -------- d-----w- c:\docume~1\GEBRUI~1\APPLIC~1\DealAssistant

2009-08-26 14:55 . 2009-08-26 14:55 532480 ----a-w- c:\windows\system32\win5e78.dll

2009-08-26 11:47 . 2009-08-26 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze

2009-08-25 12:07 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-03 16:57 . 2008-11-18 14:41 -------- d-----w- c:\program files\Canon

2009-09-03 14:16 . 2008-11-27 15:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-09-03 12:20 . 2008-10-05 20:49 -------- d-----w- c:\program files\Common Files\Symantec Shared

2009-09-02 17:16 . 2008-10-05 20:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec

2009-09-01 12:34 . 2008-12-17 10:17 -------- d-----w- c:\program files\iWin.com

2009-09-01 12:33 . 2009-03-24 14:57 -------- d-----w- c:\program files\RealArcade

2009-08-31 16:30 . 2008-11-28 16:24 -------- d-----w- c:\program files\iWin Games

2009-08-27 15:44 . 2008-11-27 14:03 -------- d-----w- c:\docume~1\GEBRUI~1\APPLIC~1\FrostWire

2009-08-05 09:01 . 2006-03-02 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-07-17 19:04 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-13 21:43 . 2006-03-02 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-10 12:46 . 2009-07-10 12:46 -------- d-----w- c:\docume~1\GEBRUI~1\APPLIC~1\Home Sweet Home

2009-07-08 13:16 . 2009-07-08 13:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom

2009-07-08 13:16 . 2009-07-08 13:16 -------- d-----w- c:\program files\Common Files\SWF Studio

2009-07-08 13:10 . 2009-05-18 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Escape From Paradise

2009-07-08 12:37 . 2009-07-08 12:37 -------- d-----w- c:\program files\Virtual Villagers

2009-07-08 12:37 . 2009-07-08 12:28 -------- d-----w- c:\program files\Wandering Willows

2009-06-29 16:01 . 2006-03-02 12:00 827392 ----a-w- c:\windows\system32\wininet.dll

2009-06-29 16:01 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll

2009-06-29 16:01 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll

2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-15 10:45 . 2006-03-02 12:00 79872 ----a-w- c:\windows\system32\telnet.exe

2009-06-10 14:16 . 2006-03-02 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll

2009-06-10 07:22 . 2008-09-25 15:18 2066432 ----a-w- c:\windows\system32\mstscax.dll

2009-06-10 06:16 . 2006-03-02 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2009-07-24 07:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{568B8CC2-DC0C-4682-9E6C-1CA537699FC5}"= "c:\windows\system32\win5e78.dll" [2009-08-26 532480]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{568b8cc2-dc0c-4682-9e6c-1ca537699fc5}]

[HKEY_CLASSES_ROOT\TypeLib\{E7D7117E-9990-415A-9099-32C4EAC7467C}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-05 39408]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-08-31 520024]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-02 2007832]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Ashampoo Magic Defrag.lnk - c:\program files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe [2008-10-6 4149361]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-09-02 16:04 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk

backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Synchronizer.lnk

backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Utility Tray.lnk]

backup=c:\windows\pss\Utility Tray.lnkCommon Startup

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Utility Tray.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\iWin Games\\iWinGames.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31/08/2009 16:38 64160]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/09/2009 18:04 335240]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/09/2009 18:04 108552]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2/09/2009 18:00 908056]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/09/2009 18:00 297752]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 1029456]

S2 gupdate1c9b83d16e7dc9;Google Updateservice (gupdate1c9b83d16e7dc9);c:\program files\Google\Update\GoogleUpdate.exe [8/04/2009 13:26 133104]

S3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\drivers\OVCE.sys [29/05/2009 11:48 31872]

.

Inhoud van de 'Gedeelde Taken' map

2009-08-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:37]

2009-08-26 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 11:26]

2009-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 11:26]

2009-04-20 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-09-04 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

.

- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.nieuwsblad.be/index.html?ref=0914

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-09-04 17:42

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Voltooingstijd: 2009-09-04 17:44

ComboFix-quarantined-files.txt 2009-09-04 15:44

Pre-Run: 27.399.565.312 bytes beschikbaar

Post-Run: 29.969.453.056 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

222 --- E O F --- 2009-09-02 21:36

ps: de mirartoestande staan nog steeds in mijn software dus die zou ik er nogwel graag uit hebben. Mijn pc start al veel sneller op alleen dat kleine dingetje wilt er niet af blijkbaar.

Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\docume~1\GEBRUI~1\APPLIC~1\DealAssistant

c:\program files\iWin.com

c:\program files\iWin Games

Registry::

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{568B8CC2-DC0C-4682-9E6C-1CA537699FC5}"=-

[-HKEY_CLASSES_ROOT\clsid\{568b8cc2-dc0c-4682-9e6c-1ca537699fc5}]

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Hiermee is alles van Mirar van je PC verwijderd. Toch bestaat de kans dat het item in je Software aanwezig blijft. Maar dit is geheel onschadelijk ... en enkel een visueel ongemak :-)

Link naar reactie
Delen op andere sites

hey! hier hebt u de resultaten van de combofix scan en de hijackthis scan:

combofix:

ComboFix 09-09-06.06 - Gebruiker 07/09/2009 17:44.2.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.479.173 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Gebruiker\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Gebruiker\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\docume~1\GEBRUI~1\APPLIC~1\DealAssistant

c:\docume~1\GEBRUI~1\APPLIC~1\DealAssistant\config.cfg

c:\docume~1\GEBRUI~1\APPLIC~1\DealAssistant\DAUninstall.exe

c:\program files\iWin Games

c:\program files\iWin Games\AdminWorker.exe

c:\program files\iWin Games\firefox\chrome.manifest

c:\program files\iWin Games\firefox\chrome\iwinarcade.jar

c:\program files\iWin Games\firefox\install.rdf

c:\program files\iWin Games\firefox\version

c:\program files\iWin Games\ftdownload.dat

c:\program files\iWin Games\host.cfg

c:\program files\iWin Games\iWinGames.exe

c:\program files\iWin Games\iWinGamesInstaller.exe

c:\program files\iWin Games\iWinInfo.dll

c:\program files\iWin Games\iWinTrusted.exe

c:\program files\iWin Games\pages\alert32x32.gif

c:\program files\iWin Games\pages\arcadeCheck.js

c:\program files\iWin Games\pages\blank.html

c:\program files\iWin Games\pages\blank2.html

c:\program files\iWin Games\pages\error.html

c:\program files\iWin Games\pages\error404.css

c:\program files\iWin Games\pages\iwin_logo.gif

c:\program files\iWin Games\pages\login.html

c:\program files\iWin Games\pages\maintenance.html

c:\program files\iWin Games\pages\offline.css

c:\program files\iWin Games\pages\offline.html

c:\program files\iWin Games\pages\offline.jpg

c:\program files\iWin Games\pages\offline_tag.gif

c:\program files\iWin Games\pages\offlineBg.gif

c:\program files\iWin Games\pages\orange-im-connected-60.gif

c:\program files\iWin Games\pages\terrie404.gif

c:\program files\iWin Games\pages\test.html

c:\program files\iWin Games\sounds\animation.wav

c:\program files\iWin Games\sounds\animationBack.wav

c:\program files\iWin Games\sounds\button_click.wav

c:\program files\iWin Games\sounds\download_completed.wav

c:\program files\iWin Games\sounds\slidebackin.wav

c:\program files\iWin Games\sounds\slideout.wav

c:\program files\iWin Games\sounds\start.wav

c:\program files\iWin Games\Uninstall.exe

c:\program files\iWin Games\WebInstaller.exe

c:\program files\iWin Games\WebUpdater.bmp

c:\program files\iWin.com

c:\program files\iWin.com\Holly A Christmas Tale\Alawar_eula.txt

c:\program files\iWin.com\Holly A Christmas Tale\bass.dll

c:\program files\iWin.com\Holly A Christmas Tale\eng.lng

c:\program files\iWin.com\Holly A Christmas Tale\GameLauncher.exe

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\buynow.html

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\common.js

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\css\offline.css

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\end.html

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\expired.html

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\images\alert32x32.gif

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\images\bg_header.gif

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\images\continuefreetrial-32.gif

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\images\logo.jpg

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\images\product\feature.jpg

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\open.html

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\operationfailed.html

c:\program files\iWin.com\Holly A Christmas Tale\gamepage\success.html

c:\program files\iWin.com\Holly A Christmas Tale\glcfg.date

c:\program files\iWin.com\Holly A Christmas Tale\GLWorker.exe

c:\program files\iWin.com\Holly A Christmas Tale\Holly.ifn

c:\program files\iWin.com\Holly A Christmas Tale\holly.lng

c:\program files\iWin.com\Holly A Christmas Tale\Holly.vfn

c:\program files\iWin.com\Holly A Christmas Tale\Holly.vgf

c:\program files\iWin.com\Holly A Christmas Tale\holly.vsn

c:\program files\iWin.com\Holly A Christmas Tale\icon.ico

c:\program files\iWin.com\Holly A Christmas Tale\Logos\logo1.jpg

c:\program files\iWin.com\Holly A Christmas Tale\Logos\logo2.jpg

c:\program files\iWin.com\Holly A Christmas Tale\particles.an

c:\program files\iWin.com\Holly A Christmas Tale\particles.bmp

c:\program files\iWin.com\Holly A Christmas Tale\Players\dont-delete.txt

c:\program files\iWin.com\Holly A Christmas Tale\Players\Player0.vrs

c:\program files\iWin.com\Holly A Christmas Tale\Players\Player6.vrs

c:\program files\iWin.com\Holly A Christmas Tale\stdat.dat

c:\program files\iWin.com\Holly A Christmas Tale\Uninstall.exe

c:\program files\iWin.com\YoudaFarmer\GameLauncher.exe

c:\program files\iWin.com\YoudaFarmer\gamepage\buynow.html

c:\program files\iWin.com\YoudaFarmer\gamepage\common.js

c:\program files\iWin.com\YoudaFarmer\gamepage\css\offline.css

c:\program files\iWin.com\YoudaFarmer\gamepage\disconnected-upsell.html

c:\program files\iWin.com\YoudaFarmer\gamepage\end.html

c:\program files\iWin.com\YoudaFarmer\gamepage\expired.html

c:\program files\iWin.com\YoudaFarmer\gamepage\images\alert32x32.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\bg_header.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\buttons\close-blue-28.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\buttons\continue-orange-132.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\buttons\yesiwantabackupcd-orange-197.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\common\header-bg.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\common\header-small-bg.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\common\loading.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\continuefreetrial-32.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\global\logo-invis.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\global\logo.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\global\page-bg-swirly.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\global\page-bg.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\global\page-header-small-bg.jpg

c:\program files\iWin.com\YoudaFarmer\gamepage\images\logo.jpg

c:\program files\iWin.com\YoudaFarmer\gamepage\images\misc\blue-bottom-triangle.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\misc\information.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\ous\divider.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\ous\hotel-bg.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\ous\hotel-iwin.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\ous\opal.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\ous\ous-promo-banner.jpg

c:\program files\iWin.com\YoudaFarmer\gamepage\images\plans\plan1.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\plans\plan2.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\plans\plan3.gif

c:\program files\iWin.com\YoudaFarmer\gamepage\images\product\feature.jpg

c:\program files\iWin.com\YoudaFarmer\gamepage\open.html

c:\program files\iWin.com\YoudaFarmer\gamepage\operationfailed.html

c:\program files\iWin.com\YoudaFarmer\gamepage\scripts\disconnected-upsell.js

c:\program files\iWin.com\YoudaFarmer\gamepage\scripts\prototype-1.6.js

c:\program files\iWin.com\YoudaFarmer\gamepage\styles\base.css

c:\program files\iWin.com\YoudaFarmer\gamepage\styles\disconnected-upsell.css

c:\program files\iWin.com\YoudaFarmer\gamepage\styles\shoppingcart.css

c:\program files\iWin.com\YoudaFarmer\gamepage\success.html

c:\program files\iWin.com\YoudaFarmer\glcfg.date

c:\program files\iWin.com\YoudaFarmer\GLWorker.exe

c:\program files\iWin.com\YoudaFarmer\icon.ico

c:\program files\iWin.com\YoudaFarmer\stdat.dat

c:\program files\iWin.com\YoudaFarmer\Uninstall.exe

c:\program files\iWin.com\YoudaFarmer\YoudaFarmer_iWin.ifn

c:\program files\iWin.com\YoudaFarmer\YoudaFarmer_iWin.ifn.lnk

c:\program files\iWin.com\YoudaFarmer\YoudaGames_eula.txt

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-08-07 to 2009-09-07 ))))))))))))))))))))))))))))))

.

2009-09-03 16:58 . 2009-09-03 16:58 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJSolutionMenu

2009-09-03 16:57 . 2009-09-03 16:57 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJMyPrinter

2009-09-03 16:57 . 2009-09-04 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM

2009-09-03 16:53 . 2009-09-03 16:53 -------- d-----w- c:\program files\Common Files\CANON

2009-09-03 16:46 . 2009-09-03 16:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ

2009-09-03 16:44 . 2008-10-08 20:00 230912 ----a-w- c:\windows\system32\CNMLM9E.DLL

2009-09-03 16:44 . 2009-09-03 16:44 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2009-09-03 16:43 . 2007-03-15 05:12 188416 ----a-w- c:\windows\system32\CNC540O.DLL

2009-09-03 16:43 . 2008-05-30 00:27 270336 ----a-w- c:\windows\system32\CNC540L.DLL

2009-09-03 16:43 . 2008-04-07 05:58 1339392 ----a-w- c:\windows\system32\CNC540C.DLL

2009-09-03 16:43 . 2008-04-07 05:58 98304 ----a-w- c:\windows\system32\CNC540I.DLL

2009-09-03 16:42 . 2009-09-03 16:42 -------- d--h--w- c:\program files\CanonBJ

2009-09-03 16:35 . 2009-09-03 17:22 -------- d-----w- c:\program files\IKEA HomePlanner

2009-09-03 16:31 . 2009-09-03 16:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-09-02 17:29 . 2009-09-02 17:29 -------- d-----w- c:\program files\Trend Micro

2009-09-02 16:08 . 2009-09-04 16:57 -------- d--h--w- C:\$AVG8.VAULT$

2009-09-02 16:04 . 2009-09-02 16:04 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-09-02 16:04 . 2009-09-02 16:04 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2009-09-02 16:04 . 2009-09-02 16:04 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-09-02 16:04 . 2009-09-02 16:04 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2009-09-02 16:01 . 2009-09-07 15:29 -------- d-----w- c:\windows\system32\drivers\Avg

2009-09-02 16:01 . 2009-09-02 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar

2009-09-02 15:59 . 2009-09-02 15:59 -------- d-----w- c:\program files\AVG

2009-09-02 15:59 . 2009-09-03 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-09-02 15:47 . 2009-09-02 15:47 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\AVG8

2009-08-31 15:17 . 2009-08-31 14:38 15688 ----a-w- c:\windows\system32\lsdelete.exe

2009-08-31 14:38 . 2009-08-31 14:37 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-08-31 14:35 . 2009-08-31 14:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}

2009-08-31 14:34 . 2009-08-31 14:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-08-31 14:34 . 2009-08-31 14:34 -------- d-----w- c:\program files\Lavasoft

2009-08-26 14:56 . 2009-08-26 14:56 -------- d--h--w- c:\windows\PIF

2009-08-26 14:55 . 2009-08-26 14:55 532480 ----a-w- c:\windows\system32\win5e78.dll

2009-08-26 11:47 . 2009-08-26 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze

2009-08-25 12:07 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-03 16:57 . 2008-11-18 14:41 -------- d-----w- c:\program files\Canon

2009-09-03 14:16 . 2008-11-27 15:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-09-03 12:20 . 2008-10-05 20:49 -------- d-----w- c:\program files\Common Files\Symantec Shared

2009-09-02 17:16 . 2008-10-05 20:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec

2009-09-01 12:33 . 2009-03-24 14:57 -------- d-----w- c:\program files\RealArcade

2009-08-27 15:44 . 2008-11-27 14:03 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\FrostWire

2009-08-05 09:01 . 2006-03-02 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-07-17 19:04 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-13 21:43 . 2006-03-02 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-10 12:46 . 2009-07-10 12:46 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Home Sweet Home

2009-06-29 16:01 . 2006-03-02 12:00 827392 ------w- c:\windows\system32\wininet.dll

2009-06-29 16:01 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll

2009-06-29 16:01 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll

2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-15 10:45 . 2006-03-02 12:00 79872 ----a-w- c:\windows\system32\telnet.exe

2009-06-10 14:16 . 2006-03-02 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll

2009-06-10 07:22 . 2008-09-25 15:18 2066432 ----a-w- c:\windows\system32\mstscax.dll

2009-06-10 06:16 . 2006-03-02 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2009-07-24 07:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-05 39408]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-08-31 520024]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-02 2007832]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Ashampoo Magic Defrag.lnk - c:\program files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe [2008-10-6 4149361]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-09-02 16:04 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk

backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Synchronizer.lnk

backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Utility Tray.lnk]

backup=c:\windows\pss\Utility Tray.lnkCommon Startup

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Utility Tray.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31/08/2009 16:38 64160]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/09/2009 18:04 335240]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/09/2009 18:04 108552]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2/09/2009 18:00 908056]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/09/2009 18:00 297752]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 1029456]

S2 gupdate1c9b83d16e7dc9;Google Updateservice (gupdate1c9b83d16e7dc9);c:\program files\Google\Update\GoogleUpdate.exe [8/04/2009 13:26 133104]

S3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\drivers\OVCE.sys [29/05/2009 11:48 31872]

.

Inhoud van de 'Gedeelde Taken' map

2009-08-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:37]

2009-08-26 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 11:26]

2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 11:26]

2009-04-20 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-09-07 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.nieuwsblad.be/index.html?ref=0914

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-09-07 17:49

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Voltooingstijd: 2009-09-07 17:50

ComboFix-quarantined-files.txt 2009-09-07 15:50

ComboFix2.txt 2009-09-04 15:44

Pre-Run: 30.069.932.032 bytes beschikbaar

Post-Run: 30.030.733.312 bytes beschikbaar

325 --- E O F --- 2009-09-02 21:36

en hier de resultaten van hijackthis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:06:58, on 7/09/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Program Files\AVG\AVG8\avgscanx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - Global Startup: Ashampoo Magic Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate1c9b83d16e7dc9) (gupdate1c9b83d16e7dc9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\Sony Shared\AVLib\SPTISRV.exe

--

End of file - 8179 bytes

alvast bedankt voor de hulp!

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen

×
×
  • Nieuwe aanmaken...