Mededeling

Collapse
No announcement yet.

IE opent zich herhaaldelijk

Collapse
X
Collapse
  •  
  • Page of 1
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    IE opent zich herhaaldelijk

    Allereerst de beste wensen voor jullie allemaal!

    Het probleem:
    Wanneer er op deze laptop internet-explore wordt gebruikt, gebeurd het momenteel soms dat er aan de lopende band IE schermpjes worden geopend. Typisch iets voor een virus dacht ik, maar mijn virusscanner vind niks. Ook met Adware alleen maar wat cookies gevonden meer niet.

    Heeft iemand van jullie een idee hoe dit kan? Hieronder mijn log bestand:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:57:58, on 4-1-2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Launch Manager\LaunchAp.exe
    C:\Program Files\Launch Manager\HotkeyApp.exe
    C:\Program Files\Launch Manager\OSDCtrl.exe
    C:\Program Files\Launch Manager\WButton.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Windows\system32\Taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
    O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
    O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O23 - Service: McAfee Application Installer Cleanup (0067551199469404) (0067551199469404mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\006755~1.EXE
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

    --
    End of file - 10765 bytes


    Alvast bedankt!
    Labels: Geen
      • Citaat
    • #2
      Hallo,


      Schakel tijdelijk Windows Defender uit
      Want deze kan voor stoorzender spelen bij het fixen met HJT (de fix terug ongedaan maken ed., wat zo te zien nu gebeurd is omdat de gefixte regels er nog/terug in staan)
      * Open Windows Defender > Klik Tools
      * Klik "General Settings"
      * Scroll naar "Real Time Protection Options"
      * Haal het vinkje weg bij "Turn on Real Time Protection (recommended)" > Klik "Save"
      * Sluit Windows Defender
      (als de problemen over zijn, logje weer schoon verklaard is, kan je 'm weer aanzetten)

      Start Hijackthis op en kies voor 'Do a system scan only'
      Selecteer alleen de items die hieronder zijn genoemd:

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

      Sluit alle vensters behalve Hijackthis
      Klik op 'Fix checked' om de items te verwijderen.

      Download Combofix naar je Bureaublad.
      Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

      OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
      • Dubbelklik op Combofix.exe
        Volg de instructies, aanvaard de disclaimer door 1 (continue) te typen, gevolgd door ENTER.
        Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

      Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
      Plaats deze log in je volgende post samen met een nieuw HijackThis log.

      Windows 10 opstarten in Veilige Modus
        • Citaat

        Comment

        • #3
          Bedankt voor al deze informatie. Ik heb het allemaal uitgevoerd, bij deze de logs:

          ComboFix 08-01-11.3 - Bas 2008-01-12 1:39:49.1 - NTFSx86
          Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.1206 [GMT 1:00]
          Gestart vanuit: C:\Users\Bas\Desktop\ComboFix.exe
          * Nieuw herstelpunt werd aangemaakt
          .

          (((((((((((((((((((( Bestanden Gemaakt van 2007-12-12 to 2008-01-12 ))))))))))))))))))))))))))))))
          .

          2008-01-12 01:38 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe
          2008-01-09 14:37 . 2008-01-09 14:37 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys
          2008-01-09 14:37 . 2008-01-09 14:37 216,760 --a------ C:\Windows\System32\drivers\netio.sys
          2008-01-09 14:37 . 2008-01-09 14:37 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
          2008-01-09 14:37 . 2008-01-09 14:37 24,064 --a------ C:\Windows\System32\netcfg.exe
          2008-01-09 14:37 . 2008-01-09 14:37 22,016 --a------ C:\Windows\System32\netiougc.exe
          2008-01-09 14:36 . 2008-01-09 14:36 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
          2008-01-09 14:36 . 2008-01-09 14:36 1,686,016 --a------ C:\Windows\System32\gameux.dll
          2008-01-09 14:36 . 2008-01-09 14:36 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
          2008-01-09 14:36 . 2008-01-09 14:36 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
          2008-01-09 14:36 . 2008-01-09 14:36 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
          2008-01-09 14:36 . 2008-01-09 14:36 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
          2008-01-09 14:36 . 2008-01-09 14:36 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
          2008-01-09 14:36 . 2008-01-09 14:36 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
          2008-01-09 14:36 . 2008-01-09 14:36 17,464 --a------ C:\Windows\System32\drivers\intelide.sys
          2008-01-09 14:35 . 2008-01-09 14:35 11,776 --a------ C:\Windows\System32\sbunattend.exe
          2008-01-04 23:56 . 2008-01-04 23:56 <DIR> d-------- C:\Program Files\Trend Micro
          2008-01-01 13:31 . 2008-01-12 01:42 12,063 --a------ C:\Windows\System32\Config.MPF
          2008-01-01 13:30 . 2006-03-03 11:07 143,360 --a------ C:\Windows\System32\dunzip32.dll
          2008-01-01 13:28 . 2007-07-21 09:08 201,288 --a------ C:\Windows\System32\drivers\mfehidk.sys
          2008-01-01 13:28 . 2007-07-13 09:21 125,728 --a------ C:\Windows\System32\drivers\Mpfp.sys
          2008-01-01 13:28 . 2007-07-24 07:40 79,304 --a------ C:\Windows\System32\drivers\mfeavfk.sys
          2008-01-01 13:28 . 2007-07-21 09:08 40,488 --a------ C:\Windows\System32\drivers\mfesmfk.sys
          2008-01-01 13:28 . 2007-07-21 09:08 35,240 --a------ C:\Windows\System32\drivers\mfebopk.sys
          2008-01-01 13:28 . 2007-07-24 12:02 33,800 --a------ C:\Windows\System32\drivers\mferkdk.sys
          2008-01-01 13:27 . 2008-01-01 13:27 <DIR> d-------- C:\Program Files\McAfee.com
          2008-01-01 13:27 . 2008-01-11 21:36 <DIR> d-------- C:\Program Files\McAfee
          2008-01-01 13:27 . 2008-01-01 13:28 <DIR> d-------- C:\Program Files\Common Files\McAfee
          2008-01-01 13:26 . 2008-01-01 13:31 <DIR> d-------- C:\Users\All Users\McAfee
          2008-01-01 13:26 . 2008-01-01 13:31 <DIR> d-------- C:\ProgramData\McAfee
          2007-12-30 13:02 . 2007-12-30 13:02 <DIR> d-------- C:\Windows\System32\loveearth Hot Air Balloon dir
          2007-12-30 13:02 . 2007-12-30 13:02 503,808 --a------ C:\Windows\System32\loveearth Hot Air Balloon.scr
          2007-12-29 23:00 . 2007-12-29 23:00 <DIR> d-------- C:\Users\All Users\Office Genuine Advantage
          2007-12-29 23:00 . 2007-12-29 23:00 <DIR> d-------- C:\ProgramData\Office Genuine Advantage
          2007-12-18 19:07 . 2007-12-18 19:07 <DIR> d-------- C:\Program Files\mcesoft
          2007-12-14 18:59 . 2008-01-06 18:10 952 --ahs---- C:\Windows\System32\KGyGaAvL.sys
          2007-12-14 18:09 . 2007-12-14 18:59 <DIR> d-------- C:\Users\Bas\AppData\Roaming\Corel
          2007-12-14 18:08 . 2007-12-31 08:50 <DIR> d-------- C:\Users\All Users\Corel
          2007-12-14 18:08 . 2007-12-31 08:50 <DIR> d-------- C:\ProgramData\Corel
          2007-12-14 18:01 . 2007-12-14 18:01 <DIR> d-------- C:\Program Files\Corel
          2007-12-14 18:01 . 2007-12-14 18:04 <DIR> d-------- C:\Program Files\Common Files\Corel
          2007-12-12 21:13 . 2007-12-12 21:13 1,327,104 --a------ C:\Windows\System32\quartz.dll
          2007-12-12 21:13 . 2007-12-12 21:13 223,232 --a------ C:\Windows\System32\WMASF.DLL
          2007-12-12 21:13 . 2007-12-12 21:13 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
          2007-12-12 21:13 . 2007-12-12 21:13 2,048 --a------ C:\Windows\System32\asferror.dll
          2007-12-12 21:11 . 2007-12-12 21:11 130,048 --a------ C:\Windows\System32\drivers\srv2.sys
          2007-12-12 21:11 . 2007-12-12 21:11 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys
          2007-12-12 21:11 . 2007-12-12 21:11 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys
          2007-12-12 21:11 . 2007-12-12 21:11 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys
          2007-12-12 21:10 . 2007-12-12 21:10 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
          2007-12-12 21:10 . 2007-12-12 21:10 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
          2007-12-12 21:09 . 2007-12-12 21:09 2,048 --a------ C:\Windows\System32\tzres.dll

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-01-09 13:43 --------- d-----w C:\Program Files\Windows Mail
          2008-01-09 13:36 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
          2008-01-09 13:36 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
          2008-01-09 13:36 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
          2008-01-09 13:36 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
          2008-01-09 13:35 --------- d-----w C:\Program Files\Windows Sidebar
          2008-01-01 12:48 --------- d-----w C:\Program Files\Common Files\Symantec Shared
          2008-01-01 12:45 --------- d-----w C:\ProgramData\Symantec
          2007-12-14 16:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2007-12-14 16:48 --------- d-----w C:\Program Files\Atari
          2007-12-14 16:47 --------- d-----w C:\Users\Bas\AppData\Roaming\Atari
          2007-12-14 16:44 --------- d-----w C:\Program Files\PokerTH
          2007-12-12 20:14 --------- d-----w C:\ProgramData\Microsoft Help
          2007-12-12 20:12 824,832 ----a-w C:\Windows\System32\wininet.dll
          2007-12-12 20:12 56,320 ----a-w C:\Windows\System32\iesetup.dll
          2007-12-12 20:12 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
          2007-12-12 20:12 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
          2007-12-10 17:45 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
          2007-12-05 18:24 --------- d-----w C:\Users\Bas\AppData\Roaming\pokerth
          2007-12-03 15:21 --------- d-----w C:\Program Files\MSECache
          2007-11-26 19:31 9 ----a-w C:\Users\Bas\AppData\Roaming\mdb.bin
          2007-11-24 16:39 --------- d-----w C:\Program Files\Picasa2
          2007-11-24 16:36 --------- d-----w C:\Program Files\Google
          2007-11-17 10:07 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
          2007-11-17 06:56 --------- d-----w C:\Program Files\Logitech
          2007-11-15 19:55 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
          2007-11-15 19:55 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
          2007-11-15 19:55 542,720 ----a-w C:\Windows\System32\sysmain.dll
          2007-11-15 19:55 502,784 ----a-w C:\Windows\System32\wlansvc.dll
          2007-11-15 19:55 47,104 ----a-w C:\Windows\System32\wlanapi.dll
          2007-11-15 19:55 297,984 ----a-w C:\Windows\System32\wlansec.dll
          2007-11-15 19:55 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
          2007-11-15 19:55 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
          2007-11-15 19:55 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
          2007-11-15 19:55 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
          2007-11-15 19:55 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
          2007-11-15 19:55 2,923,520 ----a-w C:\Windows\explorer.exe
          2007-11-15 19:55 2,027,008 ----a-w C:\Windows\System32\win32k.sys
          2007-11-15 19:55 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
          2007-11-15 19:55 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
          2007-11-15 16:18 12,464 ----a-w C:\Windows\system32\drivers\SECDRV.SYS
          2007-10-12 21:06 98,304 ----a-w C:\Windows\System32\CmdLineExt.dll
          2007-10-03 07:03 0 ----a-w C:\Users\Bas\AppData\Roaming\wklnhst.dat
          2007-10-02 18:09 174 --sha-w C:\Program Files\desktop.ini
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 14:35 1232896]
          "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
          "updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 07:18 307200]
          "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-10-02 18:59 1006264]
          "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 19:57 3784704 C:\Windows\RtHDVCpl.exe]
          "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 20:00 815104]
          "Acer Tour"=""
          "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-11-06 17:02 98304]
          "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-11-06 17:05 106496]
          "Persistence"="C:\Windows\system32\igfxpers.exe" [2006-11-06 17:02 81920]
          "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04 464168]
          "LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 12:36 32768]
          "PowerKey"="C:\Program Files\Launch Manager\PowerKey.exe" [ ]
          "LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2007-01-10 10:34 200704]
          "LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2006-08-29 08:26 241664]
          "Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-11-09 13:37 86016]
          "eRecoveryService"=""
          "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]
          "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-17 08:01 151552]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
          "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52 49152]
          "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-08-29 13:17 188416]
          "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-08-29 13:20 77824]
          "WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 13:35 176128]
          "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47 31016]
          "Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" [ ]
          "Corel File Shell Monitor"="C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-30 19:52 16200]
          "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33 582992]
          "McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [2007-07-22 20:29 1160480]

          C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
          OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]

          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
          Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 03:44:06]
          Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-04-17 07:46:34]
          HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 20:40:10]
          Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 01:05:56]

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
          "LogonHoursAction"= 2 (0x2)
          "DontDisplayLogonHoursWarnings"= 1 (0x1)

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
          "LoadAppInit_DLLs"=1 (0x1)

          R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 23:04]
          R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 23:04]
          R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-02-06 23:04]
          R1 Hotkey;Hotkey;C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 10:27]
          R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-06 23:04]
          R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-03-22 17:21]
          R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-04-24 18:17]
          R2 int15;int15;C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 17:12]
          R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 11:57]
          R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 08:33]
          R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 18:29]
          R3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 08:30]
          R3 WisLMSvc;WisLMSvc;"C:\Program Files\Launch Manager\WisLMSvc.exe" [2006-11-17 19:45]
          S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 08:30]
          S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 20:18]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
          LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
          HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
          hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

          *Newly Created Service* - PROCEXP90
          .
          Inhoud van de 'Gedeelde Taken' map
          "2008-01-01 16:31:49 C:\Windows\Tasks\McDefragTask.job"
          - c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
          "2008-01-01 16:31:49 C:\Windows\Tasks\McQcTask.job"
          - c:\PROGRA~1\mcafee\mqc\QcConsol.exe
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-01-12 01:42:51
          Windows 6.0.6000 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          Voltooingstijd: 2008-01-12 1:44:14
          .
          2008-01-11 13:45:16 --- E O F ---




          En het Hijackthis logje:

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 1:45:33, on 12-1-2008
          Platform: Windows Vista (WinNT 6.00.1904)
          MSIE: Internet Explorer v7.00 (7.00.6000.16575)
          Boot mode: Normal

          Running processes:
          C:\Windows\system32\Dwm.exe
          C:\Windows\system32\taskeng.exe
          C:\Program Files\Windows Defender\MSASCui.exe
          C:\Windows\RtHDVCpl.exe
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\Windows\System32\hkcmd.exe
          C:\Windows\System32\igfxpers.exe
          C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
          C:\Program Files\Launch Manager\LaunchAp.exe
          C:\Program Files\Launch Manager\HotkeyApp.exe
          C:\Program Files\Launch Manager\OSDCtrl.exe
          C:\Program Files\Launch Manager\WButton.exe
          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
          C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
          C:\Program Files\Logitech\Video\LogiTray.exe
          C:\Windows\System32\wpcumi.exe
          C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
          C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
          C:\Program Files\McAfee.com\Agent\mcagent.exe
          C:\Program Files\Windows Sidebar\sidebar.exe
          C:\Windows\ehome\ehtray.exe
          C:\Program Files\Windows Media Player\wmpnscfg.exe
          C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
          C:\Windows\ehome\ehmsas.exe
          C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
          C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
          C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
          C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\conime.exe
          C:\Windows\explorer.exe
          C:\Windows\system32\notepad.exe
          c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
          C:\Program Files\Internet Explorer\ieuser.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
          O1 - Hosts: ::1 localhost
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
          O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
          O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
          O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
          O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
          O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
          O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
          O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
          O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
          O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
          O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
          O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
          O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
          O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
          O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
          O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
          O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
          O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
          O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
          O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
          O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
          O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
          O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
          O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
          O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
          O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
          O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
          O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
          O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
          O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
          O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
          O4 - Global Startup: Empowering Technology Launcher.lnk = ?
          O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
          O13 - Gopher Prefix:
          O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
          O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
          O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
          O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
          O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
          O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
          O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
          O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
          O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
          O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
          O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
          O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
          O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
          O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
          O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
          O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
          O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
          O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

          --
          End of file - 10271 bytes



          Ben benieuwd wat nu de conclusie is.....

          Groeten
            • Citaat

            Comment

            • #4
              Zeg jij het maar, het logje is schoon.

              Windows 10 opstarten in Veilige Modus
                • Citaat

                Comment

                • #5
                  Vreemd... naja.. aan de andere kant natuurlijk fijn dat er niks (meer) is.

                  Bedankt voor de aandacht en de hulp tot zo ver!

                  Succes met alles! Groeten Bas
                    • Citaat

                    Comment

                    • #6
                      Toch nog wat proberen.

                      Download: RVAXO.exe
                      Sla het bestand op je bureaublad op, daarna mag je het dubbelklikken.
                      Je kunt het programma laten uitpakken naar je bureaublad.
                      Open nu de map RVAXO op je bureaublad en dubbelklik RVAXO.cmd
                      Er zal een schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
                      Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze zijn werk doen.

                      Daarna zal je PC herstarten, na de herstart opent het venster van RVAXO opnieuw.
                      Laat deze lopen en wacht tot er een logfile opent.
                      Deze is eventueel ook hier te vinden: C:\RVAXO-results.log
                      Post de inhoud in je volgende bericht tesamen met een nieuw logje van HijackThis.

                      Herstart je PC niet?

                      Laat RVAXO nog een keer lopen en post dan het nieuwe logje: C:\rvaxo-results.log

                      Windows 10 opstarten in Veilige Modus
                        • Citaat

                        Comment

                        • #7
                          Ik heb bovenstaande uitgevoerd, maar:
                          - die uninstaller start niet
                          - de PC herstart niet
                          - Het RVAXO-logje is nergens te vinden op mijn pc. Hij geeft zelf ook aan dat hij het niet kan vinden (in dat RVAXO - scherm).

                          Is dit allemaal normaal? Moet ik nu een gewoon logje posten?
                            • Citaat

                            Comment

                            • #8
                              Neen , verwijder maar, windows vista he, de tool werkt daar tijdelijk niet op.

                              Download en installeer AVG Anti-Spyware 7.5
                              • Scroll iets naar beneden, klik ?download now? en sla het programma op.
                              • Klik tweemaal ?uitvoeren? en selecteer een taal.
                              • Doorloop enkele vensters en klik op ?installeren?.
                              • Als het niet automatisch gebeurt klik je op ?updates?
                              • Selecteer "Scanner" bovenin het scherm en selecteer dan "Settings"
                              • Eenmaal in het Settings gedeelte klik je "Recommended actions" en vervolgens "Quarantine"
                              • Sluit Ewido. Laat het nog niet scannen




                              Start AVG Anti-Spyware, (er is een icon op je desktop
                              • klik op Scanner
                              • Klik op Complete System Scan
                              • Laat het programma je pc scannen, dit kan even duren.
                              • Als er ge?nfecteerde bestanden zijn gevonden, klik dan op "Apply all actions"
                                Daarna zal je een knop zien Save report
                              • Klik op Save Report
                              • Klik daarna op Save Report as en bewaar het rapport op op je bureaublad.
                              • Sluit AVG Anti-spyware af en herstart de computer in normale mode.

                              Post het log tesamen met een nieuw hijackthis log.

                              Windows 10 opstarten in Veilige Modus
                                • Citaat

                                Comment

                                • #9
                                  Alles uitgevoerd en de volgende logjes, volgens mij is het allemaal schoon of niet? Toch blijft IE 7 raar doen, met afsluiten reageerd hij vaak niet meer en soms nog opent hij vaker.

                                  Logje scan:
                                  ---------------------------------------------------------
                                  AVG Anti-Spyware - Scan Report
                                  ---------------------------------------------------------

                                  + Created at: 13:31:56 20-1-2008

                                  + Scan result:



                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Adrevolver : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Adrevolver : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\bas@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\bas@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\bas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@estat[1].txt -> TrackingCookie.Estat : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Etracker : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Gemius : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\bas@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Information : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Netflame : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Onestat : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@overture[1].txt -> TrackingCookie.Overture : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\bas@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\bas@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\bas@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Webtrends : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned.
                                  C:\Users\Bas\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.


                                  ::Report end

                                  Hijackthis logje:

                                  Logfile of Trend Micro HijackThis v2.0.2
                                  Scan saved at 1:45:33, on 12-1-2008
                                  Platform: Windows Vista (WinNT 6.00.1904)
                                  MSIE: Internet Explorer v7.00 (7.00.6000.16575)
                                  Boot mode: Normal

                                  Running processes:
                                  C:\Windows\system32\Dwm.exe
                                  C:\Windows\system32\taskeng.exe
                                  C:\Program Files\Windows Defender\MSASCui.exe
                                  C:\Windows\RtHDVCpl.exe
                                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                                  C:\Windows\System32\hkcmd.exe
                                  C:\Windows\System32\igfxpers.exe
                                  C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
                                  C:\Program Files\Launch Manager\LaunchAp.exe
                                  C:\Program Files\Launch Manager\HotkeyApp.exe
                                  C:\Program Files\Launch Manager\OSDCtrl.exe
                                  C:\Program Files\Launch Manager\WButton.exe
                                  C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                                  C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
                                  C:\Program Files\Logitech\Video\LogiTray.exe
                                  C:\Windows\System32\wpcumi.exe
                                  C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
                                  C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
                                  C:\Program Files\McAfee.com\Agent\mcagent.exe
                                  C:\Program Files\Windows Sidebar\sidebar.exe
                                  C:\Windows\ehome\ehtray.exe
                                  C:\Program Files\Windows Media Player\wmpnscfg.exe
                                  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
                                  C:\Windows\ehome\ehmsas.exe
                                  C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
                                  C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
                                  C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
                                  C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
                                  C:\Windows\system32\taskeng.exe
                                  C:\Windows\system32\conime.exe
                                  C:\Windows\explorer.exe
                                  C:\Windows\system32\notepad.exe
                                  c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
                                  C:\Program Files\Internet Explorer\ieuser.exe
                                  C:\Program Files\Internet Explorer\iexplore.exe
                                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
                                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
                                  O1 - Hosts: ::1 localhost
                                  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                                  O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
                                  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
                                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                                  O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
                                  O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
                                  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
                                  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                                  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                                  O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
                                  O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
                                  O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
                                  O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
                                  O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
                                  O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
                                  O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
                                  O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
                                  O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
                                  O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
                                  O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
                                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                                  O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
                                  O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
                                  O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
                                  O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
                                  O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
                                  O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
                                  O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
                                  O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
                                  O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
                                  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                                  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
                                  O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
                                  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                                  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                                  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                                  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                                  O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
                                  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                                  O4 - Global Startup: Empowering Technology Launcher.lnk = ?
                                  O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
                                  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                                  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
                                  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
                                  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
                                  O13 - Gopher Prefix:
                                  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
                                  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                                  O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
                                  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
                                  O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
                                  O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
                                  O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
                                  O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
                                  O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
                                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                                  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                                  O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
                                  O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
                                  O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
                                  O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
                                  O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
                                  O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
                                  O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
                                  O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
                                  O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
                                  O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
                                  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
                                  O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
                                  O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

                                  --
                                  End of file - 10271 bytes
                                    • Citaat

                                    Comment

                                    • #10
                                      probeer de stappen op deze pagina eens.
                                      Fout - Office.com - Microsoft Ondersteuning
                                      http://support.microsoft.com/kb/923737/nl

                                      Windows 10 opstarten in Veilige Modus
                                        • Citaat

                                        Comment

                                        Vorige template Volgende
                                        Sorry, you are not authorized to view this page
                                        Working...
                                        X
                                        😀
                                        🥰
                                        🤢
                                        😎
                                        😡
                                        👍
                                        👎