Computer problems. Virus or spyware?

  • Computer problems. Virus or spyware?

    Hello everyone,

    For a while now my computer has not been running optimally. Startup is considerably slower than before, and for a while I also had the small problem that my computer only began booting about 5 s after I had pressed the button.
    But yesterday I installed a new version of MSN Messenger and also the program MSN Discovery. I quickly removed the latter again, because it produced a lot of pop-ups and did not work properly either. And just now I started the laptop and it reported that it could not start because of a problem, and then it went automatically to system recovery. I let that run, and then it did start.
    Now I came across this forum and so I immediately installed HijackThis and ran it. I hope you can help me further.

    Thanks in advance!
    Ytero

    Here is the log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:55:34, on 22/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe
    C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Grisoft\AVG Free\avgcc.exe
    C:\Program Files\Grisoft\AVG Free\avgwb.dat
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.demorgen.be/?wt.bron=ipodnano
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
    O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\system32\lkads.exe
    O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\system32\lktsrv.exe
    O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files\National Instruments\MAX\nimxs.exe
    O23 - Service: nidevldu - National Instruments Corporation - C:\Windows\system32\nipalsm.exe
    O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
    O23 - Service: NILM License Manager (NILM License manager) - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
    O23 - Service: nipxirmu - National Instruments Corporation - C:\Windows\system32\nipalsm.exe
    O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\system32\nisvcloc.exe
    O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

    --
    End of file - 9469 bytes

  • #2
    I have just run Ad-Aware as well and it found 196 corrupt files, but they were all cookies. I don't know, however, whether this is positive or negative. I did have them all removed.

    Ytero



    • #3
      Right-click the HijackThis program and choose "Run as administrator".
      Choose 'Do a system scan only'.
      Select only the items listed below:

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

      Close all windows except HijackThis.
      Click 'Fix checked' to remove the items.


      Download ATF Cleaner (made by Atribune).
      Double-click ATF Cleaner to start the program.
      On the "Main" tab, tick Select All.
      Click the Empty Selected button.

      Do the following if you also have Firefox as a browser:
      Click the "Firefox" tab and tick Select All.
      If you want to keep the passwords saved by Firefox, click "No" in the window that appears.
      (this clears the tick again at "Firefox saved passwords")
      Click the Empty Selected button.

      Do the following if you also have Opera as a browser:
      Click the "Opera" tab and tick Select All.
      If you want to keep the passwords saved by Opera, click "No" in the window that appears.
      Click the Empty Selected button.
      Go to the "Main" tab and click the Exit button to close the program.

      Download Malwarebytes' Anti-Malware via here or here.

      Double-click mbam-setup.exe to install the program.
      • Make sure there is a tick next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click "Finish".
      • If an update is found, it will download it and install the latest version.
      • When the program is fully up to date, select "Perform Quick Scan", then click Scan.
      • The scan can take a while, so be patient.
      • When the scan is complete, click OK, then "Show Results" to see the results.
      • Make sure everything there is ticked, then click Remove Selected.
      • After the removal a log will open and you will be asked to restart the computer. (See the extra note below)
      • The log is saved automatically by MBAM; you can view it by clicking the "Logs" tab in MBAM.
      • Copy and paste the results of the log into your next reply, together with a new HijackThis log.

      Extra note:
      If MBAM has difficulty removing certain files, it will show a few messages where you need to click OK. After that it will ask to restart the computer... so allow MBAM to restart the computer.
      Restart the computer and also post a new HJT log.

      Starting Windows 10 in Safe Mode

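The four items selected in post #3 share one property: each is a registration that points at nothing (an empty `R0` value, or a BHO marked `(no file)`). The sketch below is an added example, not part of the thread and not HijackThis's own logic; it parses HijackThis entry lines and lists such orphaned registrations. It goes one step beyond the post by also listing entries marked `(file missing)`, which the helper did not select, and the names `Finding`, `parse_entries`, `orphan_reason` and `orphaned_entries` are made up for this example.

```python
import re
from dataclasses import dataclass

# Excerpt of the first HijackThis log in this thread (lines copied from the page).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O13 - Gopher Prefix:
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
"""

# An entry line is a section code (R0, O2, O23, ...) followed by " - " and a body.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


@dataclass(frozen=True)
class Finding:
    section: str  # HijackThis section code, e.g. "O2"
    reason: str   # why the entry counts as orphaned
    line: str     # the entry as it appears in the log


def parse_entries(log_text):
    """Yield (section, body) per entry; header and process-path lines are skipped."""
    for raw in log_text.splitlines():
        match = ENTRY.match(raw.strip())
        if match:
            yield match.group(1), match.group(2)


def orphan_reason(section, body):
    """Return a reason string if the entry references nothing, else None."""
    if body.endswith("(no file)"):
        return "registered component points to no file"
    if body.endswith("(file missing)"):
        return "registered binary is missing from disk"
    if section.startswith("R"):
        # R entries read "<key>,<value name> = <data>"; empty data is a leftover.
        _key, sep, value = body.partition("=")
        if sep and not value.strip():
            return "registry value is empty"
    return None


def orphaned_entries(log_text):
    """List every entry of the log that is an orphaned registration."""
    findings = []
    for section, body in parse_entries(log_text):
        reason = orphan_reason(section, body)
        if reason:
            findings.append(Finding(section, reason, f"{section} - {body}"))
    return findings


if __name__ == "__main__":
    for f in orphaned_entries(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}: {f.line}")
```

The result is a list for review: an `Unknown owner` service whose file exists, such as `PnkBstrA`, is deliberately not reported, because the rule only tests whether the registration still points at something.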


      • #4
        Hello,

        I did what you said and here are the logs:

        MBAM:

        Malwarebytes' Anti-Malware 1.11
        Database versie: 677

        Scan type: Snelle Scan
        Objecten gescand: 32529
        Verstreken tijd: 4 minute(s), 57 second(s)

        Geheugenprocessen geïnfecteerd: 0
        Geheugenmodulen geïnfecteerd: 0
        Registersleutels geïnfecteerd: 0
        Registerwaarden geïnfecteerd: 0
        Registerdata bestanden geïnfecteerd: 0
        Mappen geïnfecteerd: 0
        Bestanden geïnfecteerd: 0

        Geheugenprocessen geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Geheugenmodulen geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Registersleutels geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Registerwaarden geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Registerdata bestanden geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Mappen geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        Bestanden geïnfecteerd:
        (Geen kwaadaardige items gevonden)

        and HijackThis:

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 20:01:56, on 24/04/2008
        Platform: Windows Vista (WinNT 6.00.1904)
        MSIE: Internet Explorer v7.00 (7.00.6000.16643)
        Boot mode: Normal

        Running processes:
        C:\Windows\system32\taskeng.exe
        C:\Windows\system32\Dwm.exe
        C:\Windows\Explorer.EXE
        C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\Windows\System32\rundll32.exe
        C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
        C:\Program Files\Picasa2\PicasaMediaDetector.exe
        C:\Program Files\Grisoft\AVG Free\avgcc.exe
        C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
        C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
        C:\Program Files\iTunes\iTunesHelper.exe
        C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe
        C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
        C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
        C:\Windows\ehome\ehtray.exe
        C:\Windows\System32\rundll32.exe
        C:\Windows\ehome\ehmsas.exe
        C:\Windows\system32\wbem\unsecapp.exe
        C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.demorgen.be/?wt.bron=ipodnano
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        O1 - Hosts: ::1 localhost
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
        O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
        O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
        O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
        O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
        O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
        O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
        O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe"
        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
        O4 - HKLM\..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
        O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
        O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
        O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
        O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEEM')
        O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
        O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O13 - Gopher Prefix:
        O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
        O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
        O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
        O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
        O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
        O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
        O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgrssvc.exe
        O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
        O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
        O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\system32\lkads.exe
        O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\system32\lktsrv.exe
        O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files\National Instruments\MAX\nimxs.exe
        O23 - Service: nidevldu - National Instruments Corporation - C:\Windows\system32\nipalsm.exe
        O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
        O23 - Service: NILM License Manager (NILM License manager) - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
        O23 - Service: nipxirmu - National Instruments Corporation - C:\Windows\system32\nipalsm.exe
        O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\system32\nisvcloc.exe
        O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
        O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
        O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
        O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
        O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
        O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
        O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

        --
        End of file - 9350 bytes

        So the MBAM program apparently did not find anything more, so I think this is not so bad after all.

        Many thanks for the help!

        Ytero



        • #5
          By the looks of it, yes, but I would still like to offer you something more.


          Follow the instructions as described on the following page: hoe-dient-combofix-gebruikt-te-worden

          If you use Vista, the Recovery Console does not need to be installed.
          If anything is unclear, just ask.
          When the tool has finished, a log file opens (C:\combofix.txt).
          Post the contents of this file together with a new HijackThis log.

          Starting Windows 10 in Safe Mode



          • #6
            Hello,

            I followed the instructions on the indicated page and ran ComboFix. This is the result:

            ComboFix 08-04-22.5 - Daan 2008-04-24 20:41:12.1 - NTFSx86
            Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.1331 [GMT 2:00]
            Gestart vanuit: C:\Users\Daan\Desktop\ComboFix.exe
            * Nieuw herstelpunt werd aangemaakt
            .

            (((((((((((((((((((( Bestanden Gemaakt van 2008-03-24 to 2008-04-24 ))))))))))))))))))))))))))))))
            .

            Geen nieuwe bestanden aangemaakt in deze periode

            .
            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            2008-04-24 18:24 12,978 ----a-w C:\Users\Daan\AppData\Roaming\nvModes.dat
            2008-04-24 17:51 --------- d-----w C:\Users\Daan\AppData\Roaming\Malwarebytes
            2008-04-24 17:51 --------- d-----w C:\ProgramData\Malwarebytes
            2008-04-24 17:51 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
            2008-04-22 20:10 --------- d-----w C:\Program Files\Windows Mail
            2008-04-22 18:29 --------- d-----w C:\ProgramData\Lavasoft
            2008-04-22 18:28 --------- d-----w C:\Users\Daan\AppData\Roaming\AVG7
            2008-04-22 18:28 --------- d-----w C:\Program Files\Lavasoft
            2008-04-22 18:28 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
            2008-04-22 18:18 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
            2008-04-22 11:55 --------- d-----w C:\Program Files\Trend Micro
            2008-04-22 11:46 --------- d-----w C:\ProgramData\avg7
            2008-04-22 10:44 --------- d-----w C:\Program Files\MSN Messenger
            2008-04-21 18:53 --------- d-----w C:\Program Files\MessengerDiscovery
            2008-04-21 18:30 --------- d-----w C:\Program Files\Windows Live
            2008-04-21 18:29 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
            2008-04-21 18:29 --------- d-----w C:\ProgramData\WLInstaller
            2008-04-16 18:46 --------- d-----w C:\Program Files\iPod Access for Windows
            2008-04-15 18:29 --------- d-----w C:\Users\Daan\AppData\Roaming\dvdcss
            2008-04-06 20:38 --------- d-----w C:\Users\Daan\AppData\Roaming\uTorrent
            2008-03-17 21:49 --------- d-----w C:\Users\Daan\AppData\Roaming\LimeWire
            2008-03-17 20:49 --------- d-----w C:\Program Files\Phun
            2008-03-17 13:41 --------- d-----w C:\Program Files\Java
            2008-03-14 12:53 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
            2008-03-03 20:16 --------- d-----w C:\Program Files\National Instruments
            2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
            2008-02-25 13:39 --------- d-----w C:\Program Files\Google
            2008-02-24 22:18 --------- d-----w C:\Program Files\Red Kawa
            2008-02-24 22:18 --------- d-----w C:\Program Files\AviSynth 2.5
            2008-02-24 22:04 --------- d-----w C:\Program Files\WinAVI Video Converter
            2008-02-24 21:53 --------- d-----w C:\Users\Daan\AppData\Roaming\Packard Bell
            2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
            2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
            2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
            2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
            2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
            2008-02-14 17:25 194,560 ----a-w C:\Windows\System32\WebClnt.dll
            2008-02-14 17:21 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
            2008-02-14 17:21 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
            2008-02-14 17:21 24,064 ----a-w C:\Windows\System32\netcfg.exe
            2008-02-14 17:21 22,016 ----a-w C:\Windows\System32\netiougc.exe
            2008-02-14 17:21 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
            2008-02-14 17:20 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
            2008-02-14 17:20 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
            2008-02-14 17:20 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
            2008-02-14 17:20 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
            2008-02-14 17:20 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
            2008-02-14 17:20 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
            2008-02-14 17:20 1,686,528 ----a-w C:\Windows\System32\gameux.dll
            2007-12-31 16:16 22,328 ----a-w C:\Users\Daan\AppData\Roaming\PnkBstrK.sys
            2007-09-14 21:10 174 --sha-w C:\Program Files\desktop.ini
            2004-03-15 16:51 114,688 ----a-w C:\Program Files\internet explorer\plugins\LV71ActiveXControl.dll
            2003-05-01 08:36 114,688 ----a-w C:\Program Files\internet explorer\plugins\LV7ActiveXControl.dll
            2005-10-12 15:04 131,072 ----a-w C:\Program Files\internet explorer\plugins\LV80ActiveXControl.dll
            2007-07-24 14:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007072420070725\index.dat
            .

            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            REGEDIT4
            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]

            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-24 16:23 1006264]
            "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 23:36 36864]
            "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 13:00 174872]
            "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-24 00:40 857648]
            "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-05 04:41 86016]
            "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-05 04:41 8429568]
            "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-05 04:41 81920]
            "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 11:40 232184]
            "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2008-04-22 12:45 579584]
            "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
            "OrderReminder"="C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-01-30 18:00 98304]
            "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 07:24 286720]
            "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 15:42 267064]
            "Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe" [2007-08-30 07:32 61440]
            "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
            "niDevMon"="C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2005-10-06 12:49 263168]

            [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
            "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-23 15:50 219136]

            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
            "msacm.divxa32"= msaud32_divx.acm

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
            --a------ 2007-02-21 03:18 366400 C:\Program Files\Picasa2\PicasaMediaDetector.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
            --a------ 2006-10-23 16:49 1092152 C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
            --a------ 2007-02-20 18:20 28672 C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\security center]
            "UacDisableNotify"=dword:00000001
            "InternetSettingsDisableNotify"=dword:00000001
            "AutoUpdateDisableNotify"=dword:00000001

            [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
            "DisableMonitoring"=dword:00000001

            [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
            "DisableMonitoring"=dword:00000001

            [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
            "DisableMonitoring"=dword:00000001

            [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
            "EnableFirewall"= 0 (0x0)

            [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
            "{A73FD919-5BE5-4FB6-BACA-7492434082CD}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
            "{BB5F6AC5-B5F0-49C1-90D0-6848B5D90D16}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
            "{D7464C40-A999-4D6C-A879-6983610AFF38}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
            "{06F07FC0-A460-4239-AFDF-C51DA4152F5A}"= UDP:C:\Program Files\Grisoft\AVG Free\avginet.exe:avginet.exe
            "{62216EE7-3223-4937-92A3-D7A04F432AEC}"= TCP:C:\Program Files\Grisoft\AVG Free\avginet.exe:avginet.exe
            "{0F1C52FB-B4DD-4D59-BB41-BE201224470C}"= UDP:C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:avgamsvr.exe
            "{C0F8BFCD-59FB-43B4-B149-D8CBBA5D0C01}"= TCP:C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:avgamsvr.exe
            "{6C15A232-BE6D-4BD6-83F9-D92C8C22D0C6}"= UDP:C:\Program Files\Grisoft\AVG Free\avgcc.exe:avgcc.exe
            "{B309A019-AB17-4B62-8EE6-A312AD6757E2}"= TCP:C:\Program Files\Grisoft\AVG Free\avgcc.exe:avgcc.exe
            "{2A6253C0-A29A-4DD3-9936-38A0CC77405C}"= UDP:C:\Program Files\Grisoft\AVG Free\avgemc.exe:avgemc.exe
            "{656DE770-D79E-401A-B4F8-6029053955A0}"= TCP:C:\Program Files\Grisoft\AVG Free\avgemc.exe:avgemc.exe
            "{1DB1A518-6D85-49BE-AAA7-E07B58EEEEBC}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
            "{38280C84-733C-4BA3-8537-F51A16A0F2B3}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
            "TCP Query User{758B7009-D488-4843-94C0-1ACA5CC3ED9F}C:\\users\\daan\\program files\\utorrent\\utorrent.exe"= UDP:C:\users\daan\program files\utorrent\utorrent.exe:utorrent.exe
            "UDP Query User{62B3F8BE-E07B-4366-90E8-281CBFF3D224}C:\\users\\daan\\program files\\utorrent\\utorrent.exe"= TCP:C:\users\daan\program files\utorrent\utorrent.exe:utorrent.exe
            "TCP Query User{C1086286-13EE-464F-BC38-F89FF7C4D289}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
            "UDP Query User{22F4F598-65D6-4413-8A3A-2C3E0E0D5B01}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
            "TCP Query User{59DFA043-7E45-4F3B-A49E-E277DE3D75B6}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
            "UDP Query User{F5F5A64A-5A15-425D-8B14-52BCCDB292B5}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
            "{9FD2DE55-838C-42EA-8702-B11346759750}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
            "{66C0ED0D-16BF-41DC-826B-0F21BB7395B9}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
            "TCP Query User{E940573F-90F6-4BC7-A86A-9487278E3201}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes
            "UDP Query User{5566C020-1E99-4C49-8D9A-298233E0B4BF}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes
            "TCP Query User{20CBB0A7-DC0B-4BEC-8D2E-2384D0A367C6}C:\\program files\\games-masters.com\\cabal online (europe)\\launcher\\update\\estdnheadless.exe"= UDP:C:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe:EST! download engine
            "UDP Query User{4763A871-E589-4244-9B79-072E630BC2BB}C:\\program files\\games-masters.com\\cabal online (europe)\\launcher\\update\\estdnheadless.exe"= TCP:C:\program files\games-masters.com\cabal online (europe)\launcher\update\estdnheadless.exe:EST! download engine
            "{A8789E69-F9F4-4C86-AD97-2DBDADFA5EFC}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
            "{B6B7B576-4EDB-461C-BCF7-BE686B2AED2D}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
            "{73D6597F-1801-44A7-B3B2-C13D9C534181}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
            "{5FD29CD6-276A-4F32-83C4-33B23E9F4A1F}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
            "{B3EECC72-CA91-4D64-8113-835ECB39AB4E}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
            "{9D722F8E-909B-423D-818F-F4D99D7BB112}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
            "{23DF492A-531D-4D88-ABA3-9F267C4FF9E4}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
            "{AD4BC105-C156-4A45-B5DB-46B855BDD8F6}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
            "TCP Query User{F908EC58-F4A1-45F8-A9C1-8410740EF098}C:\\program files\\activision\\call of duty 4 - modern warfare\\iw3mp.exe"= UDP:C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
            "UDP Query User{119DD50F-39D0-4AB9-AB4A-76358301CAB5}C:\\program files\\activision\\call of duty 4 - modern warfare\\iw3mp.exe"= TCP:C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
            "TCP Query User{5504D03A-C9F6-4D6E-9480-006A9CA64EE9}C:\\users\\daan\\program files\\utorrent\\utorrent.exe"= UDP:C:\users\daan\program files\utorrent\utorrent.exe:utorrent.exe
            "UDP Query User{094D940D-EC64-4BD8-A0F8-79EF6B195F69}C:\\users\\daan\\program files\\utorrent\\utorrent.exe"= TCP:C:\users\daan\program files\utorrent\utorrent.exe:utorrent.exe
            "TCP Query User{645DC218-EE0C-440E-88E3-88F948BAFC07}C:\\program files\\maple 11\\jre\\bin\\maple.exe"= UDP:C:\program files\maple 11\jre\bin\maple.exe:Maple 11
            "UDP Query User{7E823AAA-29F8-463B-8F36-F4BC6C1EF99D}C:\\program files\\maple 11\\jre\\bin\\maple.exe"= TCP:C:\program files\maple 11\jre\bin\maple.exe:Maple 11
            "TCP Query User{F933F6C0-FD1F-4D2C-B150-3BEBDAFF9E84}C:\\program files\\maple 11\\jre\\bin\\java.exe"= UDP:C:\program files\maple 11\jre\bin\java.exe:Java(TM) 2 Platform Standard Edition binary
            "UDP Query User{A7CC37DB-434C-4C23-AB0B-5DD851ADD47E}C:\\program files\\maple 11\\jre\\bin\\java.exe"= TCP:C:\program files\maple 11\jre\bin\java.exe:Java(TM) 2 Platform Standard Edition binary
            "TCP Query User{BCA3D3CA-27B2-4A67-B46B-EBA09783E9A3}C:\\program files\\maple 11\\jre\\bin\\maple.exe"= UDP:C:\program files\maple 11\jre\bin\maple.exe:Maple 11
            "UDP Query User{0CFCA1E5-1A77-4A35-81EF-BF9D16A85DF4}C:\\program files\\maple 11\\jre\\bin\\maple.exe"= TCP:C:\program files\maple 11\jre\bin\maple.exe:Maple 11
            "TCP Query User{7442D586-C024-4954-9702-0A1DE83403A3}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
            "UDP Query User{4DEE0DC2-49CA-42F9-B35D-05A36471C97E}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
            "TCP Query User{A00C255D-C01B-4844-8D7D-9DEB74590678}C:\\program files\\national instruments\\labview 7.1\\labview.exe"= UDP:C:\program files\national instruments\labview 7.1\labview.exe:LabVIEW 7.1 Development System
            "UDP Query User{CD0ECB33-1282-4FE2-B1F2-47C53B5DAA0B}C:\\program files\\national instruments\\labview 7.1\\labview.exe"= TCP:C:\program files\national instruments\labview 7.1\labview.exe:LabVIEW 7.1 Development System
            "{05666575-922E-4286-BE63-A79DFB2823F2}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)

            [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
            "EnableFirewall"= 0 (0x0)

            [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
            "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

            R0 NIPALK;NIPALK;C:\Windows\system32\drivers\nipalk.sys [2005-09-22 22:12]
            R2 cvintdrv;cvintdrv;C:\Windows\system32\drivers\cvintdrv.sys [2004-07-26 11:00]
            R2 gpib420;GPIB Analyzer;C:\Windows\system32\drivers\gpib420.sys [2005-07-18 02:45]
            R2 GpibPrtK;Gpib Port;C:\Windows\system32\drivers\gpibprtk.sys [2005-07-18 02:25]
            R2 lvalarmk;lvalarmk;C:\Windows\system32\drivers\lvalarmk.dll [2005-07-27 09:58]
            R2 mxssvr;NI Configuration Manager;"C:\Program Files\National Instruments\MAX\nimxs.exe" [2005-10-03 23:52]
            R2 nidimk;nidimk;C:\Windows\system32\drivers\nidimk.dll [2005-09-28 22:14]
            R2 nidmxfk;nidmxfk;C:\Windows\system32\drivers\nidmxfk.dll [2005-10-13 08:27]
            R2 niemrk;niemrk;C:\Windows\system32\drivers\niemrk.dll [2005-10-07 01:19]
            R2 nifslk;nifslk;C:\Windows\system32\drivers\nifslk.dll [2005-10-06 12:32]
            R2 nimxpk;nimxpk;C:\Windows\system32\drivers\nimxpk.dll [2005-10-06 13:31]
            R2 nipxirmk;nipxirmk;C:\Windows\system32\drivers\nipxirmk.dll [2005-09-21 12:30]
            R2 niswdk;niswdk;C:\Windows\system32\drivers\niswdk.dll [2005-10-08 02:08]
            R2 NITaggerService;National Instruments Variable Engine;"C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe" [2005-10-11 16:13]
            R2 usb6xxxk;usb6xxxk;C:\Windows\system32\drivers\usb6xxxk.dll [2005-10-07 01:06]
            R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-14 14:53]
            R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 13:38]
            R3 nicdrk;nicdrk;C:\Windows\system32\drivers\nicdrk.dll [2005-10-06 12:56]
            R3 nimdbgk;nimdbgk;C:\Windows\system32\drivers\nimdbgk.dll [2005-09-28 21:07]
            R3 nimru2k;nimru2k;C:\Windows\system32\drivers\nimru2k.dll [2005-09-28 22:54]
            R3 nimsdrk;nimsdrk;C:\Windows\system32\drivers\nimsdrk.dll [2005-10-06 13:19]
            R3 nimstsk;nimstsk;C:\Windows\system32\drivers\nimstsk.dll [2005-10-06 13:25]
            R3 nimxdfk;nimxdfk;C:\Windows\system32\drivers\nimxdfk.dll [2005-09-28 21:52]
            R3 niorbk;niorbk;C:\Windows\system32\drivers\niorbk.dll [2005-10-06 17:22]
            R3 niscdk;niscdk;C:\Windows\system32\drivers\niscdk.dll [2005-10-06 13:07]
            R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-01-09 10:00]
            S3 nidsark;nidsark;C:\Windows\system32\drivers\nidsark.dll [2005-10-06 13:14]
            S3 niesrk;niesrk;C:\Windows\system32\drivers\niesrk.dll [2005-10-07 01:19]
            S3 nimslk;nimslk;C:\Windows\system32\drivers\nimslk.dll [2005-10-06 02:00]
            S3 nimsrlk;nimsrlk;C:\Windows\system32\drivers\nimsrlk.dll [2005-10-06 02:00]
            S3 nisdigk;nisdigk;C:\Windows\system32\drivers\nisdigk.dll [2005-10-07 01:06]
            S3 nisftk;nisftk;C:\Windows\system32\drivers\nisftk.dll [2005-10-06 12:48]
            S3 nispdk;nispdk;C:\Windows\system32\drivers\nispdk.dll [2005-10-06 13:07]
            S3 nissrk;nissrk;C:\Windows\system32\drivers\nissrk.dll [2005-10-07 01:20]
            S3 nistc2k;nistc2k;C:\Windows\system32\drivers\nistc2k.dll [2005-10-06 13:03]
            S3 nistcrk;nistcrk;C:\Windows\system32\drivers\nistcrk.dll [2005-10-10 21:07]
            S3 nitiork;nitiork;C:\Windows\system32\drivers\nitiork.dll [2005-10-07 01:54]
            S3 NiViFWK;NI-VISA FireWire Driver;C:\Windows\system32\drivers\NiViFWK.sys [2005-10-12 18:13]
            S3 NiViPciK;NI-VISA PCI Driver;C:\Windows\system32\drivers\NiViPciK.sys [2005-10-12 18:04]
            S3 NiViPxiK;NI-VISA PXI Driver;C:\Windows\system32\drivers\NiViPxiK.sys [2005-10-12 18:04]
            S3 niwfrk;niwfrk;C:\Windows\system32\drivers\niwfrk.dll [2005-10-07 01:20]
            S3 nixsrk;nixsrk;C:\Windows\system32\drivers\nixsrk.dll [2005-10-07 01:20]

            *Newly Created Service* - CATCHME
            .
            Inhoud van de 'Gedeelde Taken' map
            "2008-03-21 19:00:00 C:\Windows\Tasks\Norton Internet Security - Volledige systeemscan - Daan.job"
            - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:
            "2008-04-24 18:30:00 C:\Windows\Tasks\Uitgebreide garantie.job"
            - C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
            .
            **************************************************************************

            catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
            Rootkit scan 2008-04-24 20:43:43
            Windows 6.0.6000 NTFS

            scannen van verborgen processen ...

            scannen van verborgen autostart items ...

            scannen van verborgen bestanden ...

            Scan succesvol afgerond
            verborgen bestanden: 0

            **************************************************************************
            .
            Voltooingstijd: 2008-04-24 20:44:24
            ComboFix-quarantined-files.txt 2008-04-24 18:44:18

            Kan het bericht voor berichtnummer 0x2379 niet vinden in berichtenbestand voor Application.
            Kan het bericht voor berichtnummer 0x2379 niet vinden in berichtenbestand voor Application.

            231 --- E O F --- 2008-04-22 18:18:58

            And here is the requested HijackThis log as well:

            Logfile of Trend Micro HijackThis v2.0.2
            Scan saved at 20:46:31, on 24/04/2008
            Platform: Windows Vista (WinNT 6.00.1904)
            MSIE: Internet Explorer v7.00 (7.00.6000.16643)
            Boot mode: Normal

            Running processes:
            C:\Windows\system32\Dwm.exe
            C:\Windows\system32\taskeng.exe
            C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
            C:\Windows\system32\wbem\unsecapp.exe
            C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
            C:\Windows\System32\rundll32.exe
            C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
            C:\Windows\System32\rundll32.exe
            C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
            C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
            C:\Program Files\iTunes\iTunesHelper.exe
            C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe
            C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
            C:\Windows\ehome\ehtray.exe
            C:\Windows\ehome\ehmsas.exe
            C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
            C:\Windows\system32\conime.exe
            C:\Windows\Explorer.exe
            C:\Windows\system32\notepad.exe
            C:\Program Files\Grisoft\AVG Free\avgcc.exe
            C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.demorgen.be/?wt.bron=ipodnano
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
            R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
            O1 - Hosts: ::1 localhost
            O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
            O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
            O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
            O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
            O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
            O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
            O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
            O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
            O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
            O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
            O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
            O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
            O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
            O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
            O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
            O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
            O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
            O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
            O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe"
            O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
            O4 - HKLM\..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
            O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
            O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
            O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
            O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
            O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
            O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEEM')
            O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
            O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
            O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
            O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
            O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
            O13 - Gopher Prefix:
            O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
            O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
            O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
            O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
            O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
            O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
            O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgrssvc.exe
            O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
            O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
            O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
            O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
            O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
            O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
            O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\system32\lkads.exe
            O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\system32\lktsrv.exe
            O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files\National Instruments\MAX\nimxs.exe
            O23 - Service: nidevldu - National Instruments Corporation - C:\Windows\system32\nipalsm.exe
            O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
            O23 - Service: NILM License Manager (NILM License manager) - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
            O23 - Service: nipxirmu - National Instruments Corporation - C:\Windows\system32\nipalsm.exe
            O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\system32\nisvcloc.exe
            O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
            O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
            O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
            O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
            O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
            O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
            O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

            --
            End of file - 8735 bytes

            Is there anything special to be concluded from this? Or does it look fine?

            Thanks again for the help and the clear instructions,
            Ytero



            • #7
              Open a Notepad file and copy the bold text below into it:
              cd..
              cd..
              sc delete ALUSchedulerSvc.exe
              sc delete symlcsvc.exe


              Save it on your desktop as sc.bat with file type "All files".
              Double-click sc.bat.

              Restart your PC.


              Any problems left?

              Starting Windows 10 in Safe Mode
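
Added example, not part of the original thread: Python that reads the O23 service lines of a HijackThis log, picks out the entries marked "(file missing)", and builds the `sc` commands for inspecting and then removing them. It assumes the O23 layout seen in the log above, where the service key name appears in parentheses after the display name only when the two differ; `sc delete` takes that key name. The function names are hypothetical.

```python
import re

# Sample input: lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
"""

# Assumed layout: O23 - Service: <display> [(<key>)] - <owner> - <path> [(file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<names>.+?) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$"
)
# The last parenthesised group is the key name; "Intel(R) ..." keeps its "(R)".
KEY_RE = re.compile(r"^(?P<display>.*) \((?P<key>[^()]+)\)$")
# Characters that must never reach a batch file from untrusted log text.
UNSAFE_FOR_CMD = set('"&|<>^%\r\n')


def parse_services(log_text):
    """Return one dict per O23 line: display name, key name, owner, path, flags."""
    services = []
    for raw in log_text.splitlines():
        m = O23_RE.match(raw.strip())
        if not m:
            continue  # not a service line
        names = m.group("names")
        k = KEY_RE.match(names)
        display, key = (k.group("display"), k.group("key")) if k else (names, names)
        services.append({
            "display": display,
            "key": key,
            "owner": m.group("owner"),
            "path": m.group("path"),
            "file_missing": m.group("missing") is not None,
        })
    return services


def orphaned(services):
    """Services whose registered binary no longer exists on disk."""
    return [s for s in services if s["file_missing"]]


def needs_manual_check(services):
    """Binary is present but HijackThis could not read a vendor name from it."""
    return [s for s in services
            if s["owner"] == "Unknown owner" and not s["file_missing"]]


def cleanup_commands(services):
    """Build 'sc qc' (inspect) and 'sc delete' lines for orphaned services only."""
    commands = []
    for s in orphaned(services):
        if UNSAFE_FOR_CMD & set(s["key"]):
            continue  # refuse to emit a command from a suspicious name
        commands.append(f'sc qc "{s["key"]}"')
        commands.append(f'sc delete "{s["key"]}"')
    return commands


if __name__ == "__main__":
    parsed = parse_services(SAMPLE_LOG)
    for s in needs_manual_check(parsed):
        print(f'verify by hand: {s["key"]} -> {s["path"]}')
    print("\n".join(cleanup_commands(parsed)))
```

The `sc qc` line shows the registered binary path, so each entry can be compared with the log before the matching `sc delete` is run.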



              • #8
                I did as instructed, and in the meantime there are no noticeable problems anymore.
                Thanks for the (quick) replies,
                Ytero



                • #9
                  You may now remove all the tools you used and the folders that were created.

                  Remove ComboFix via Start > Run, then copy and paste Combofix /U
                  Click OK or press Enter.
                  This removes ComboFix as well as your old system restore points (with any remnants of malware), and creates a new system restore point.



                  I'm marking the thread as solved.

                  Starting Windows 10 in Safe Mode
