Archief - msn virus help mij

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.

ayahel

Legacy Member
s_vi_x7Faex7Ex7Ex7Fesdwx21x7Bx7Cfx7Eqx7Dx7F
[CS]v4|4A1E6E7600002DA9-A020834000000CB|4A1E6E76[CE]
2o7.net/
2147484672
2871041792
30374298
1261480384
30007171
*
MUID
bd63d6ae4cef4d0581a7dfb2956ff715
atdmt.com/
2147484672
804126720
30153930
1836447680
30007170
*
AA002
1243458776-7002126/1244668389
atdmt.com/
2147484672
92553216
30153729
3948836720
30007055
*
eyeblaster
BWVal=&BWDate=&debuglevel=&FLV=10.022&RES=0&WMPV=11
bs.serving-sys.com/
1024
4152782848
32108237
795942576
30007194
*
id
22690f56050000a3||t=1243459129|et=730|cs=j5fnpfyg
doubleclick.net/
2147484672
2878374528
30153907
3062009424
30007056
*
pluto2
888916896546
fastclick.net/
2147484672
3227135488
30154022
3404130384
30007171
*
lyc
AQAAAAEAAIAAD2Y7AADVKAAAKCoAACkqAAA=
fastclick.net/
2147484672
3227135488
30154022
3404230384
30007171
*
pluto
888916896546
fastclick.net/
2147484672
3227135488
30154022
3404280384
30007171
*
ACOOKIE
C8ctADgxLjE2NC4xNDIuNDMtODg2NTEwNzg0LjMwMDA0NzcxAAAAAAAAAAABAAAACgAAAHZuHkp2bh5KAQAAABMAAAB2bh5Kdm4eSgAAAAA-
m.webtrends.com/
2147484672
117595904
30741426
1265930384
30007171
*
s_vi
[CS]v1|4A1E6CE800006F8A-A2C0C18000000FA[CE]
msnportal.112.2o7.net/
2147484672
3186009088
30374297
1583597680
30007170
*
NETID01
huEzDFXL-goAAAAxUEcA
revsci.net/
2147484672
2866329344
32356786
1455730384
30007171
*
NETSEGS_K05540
f4243758ddc93c62&K05540&0&4a435dde&0&&4a1e0208&f77d07c6852630f3052351313b65c557
revsci.net/
2147484672
733840128
30012807
1289578496
30007174
*
rsi_cls_1000000
pUM1JkOnOBIQlU2E/vzeG10JHevjDyOGZmPHC0x6TFTsAq8knntED/oeYkvVwAIFG0gt1cKqg+bIfUeL6nPH5QAxzw4AtLxcfPe/Q35XxIsRqNWmQZmAKKj6Js39LPM4oRhbzKjMFMU3fsc79xbSeHR9at6AbUyKnGNCXb/VHq0d8y7uaZEisJWa8eTx0O3iawmtr98+fuE4ZefM+bT0DilqRKAPXie3lJgZ/tDFWVVJVDP0qRf2tAM8oDnvQ22IQbsjhKLp/0KzGVOMt6LZQ7akVO2+IqHUK0EpD5u0Boje5FsEju5CjQP1K/eQ5jhvRLmNfGkFim+F+1SJloA/a/oRROnKdPeLCAqwGe6F1fxUuS2/J6UwJ1nKeAFBeNWJz2oHErrcCCNUkpymet1uCOBitmPrchwJk9H/JfzJYEDnllVqezKxECpsOG60cu9SedMpqu1GdT4SkDgRS/c2drtOh3VR0xjeIXwDB6S7szFLlDfaexJiKVHDRxbmcIGeNbNfN93en6jwAfzugM5Kfun5YXzhgGCYpy5oKCVfSULXtkazZZU9nuTLQVzzXEgeQ55NZLaPFRTzzUsPGmpFXDVh1A==
revsci.net/
2147484672
2925942400
30080600
4193678496
30007174
*
rsi_segs_1000000
pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgqYlFtLYIVF5M27L8vfkJ4Gp6xHJ499Q3xgzN7mvSReyNFexNyYe4DoFu6YbgJfOqYQ2n4UA233atfvSUP3hbJVQ==
revsci.net/
2147484672
2925942400
30080600
4193928496
30007174
*
A2
63HB6R8C06v50000yEGajr
serving-sys.com/
1024
4152782848
32108237
795812576
30007194
*
B2
3kAR0yEGajr
serving-sys.com/
1024
4152782848
32108237
795842576
30007194
*
C3
0iH5yEGajr0000001_
serving-sys.com/
1024
4152782848
32108237
795872576
30007194
*
D3
0iH503fXyEGajr
serving-sys.com/
1024
4152782848
32108237
795902576
30007194
*
E2
06v5yEGajr
serving-sys.com/
1024
4152782848
32108237
795932576
30007194
*
U
c2d86e87-34d6-4097-ad88-035a4b95607a
serving-sys.com/
2147484672
4152782848
32108237
1593447680
30007170
*
rth
2-kkcpgk-7tf~9g~1-
trafficmp.com/
2147484672
1825876992
30080598
4033363088
30007172
*

ik heb ook msn virus en nu kan ik geen msn meer afhalen ik heb gedaan wat ge zei maar het lukt mij niet hopelijk helpt ge mij verder dank u:)

ayahel

Legacy Member
kan niemand mij helpen ik heb alles gedaan wat er stond kon combofix niet doen heb dit gevonden en gestuurd is er iets fout ben nieuw ken er ook niet veel van heb hulp nodig please zit zonder msn

ayahel

Legacy Member
Logfile created: 28/05/2009 15:49:45
Lavasoft Ad-Aware version: 8.0.5
Extended engine version: 8.1
User performing scan: elyesa

*********************** Definitions database information ***********************
Lavasoft definition file: 148.38
Extended engine definition file: 8.1

******************************** Scan results: *********************************
Scan profile name: Vol. scan (ID: full)
Objects scanned: 153847
Objects detected: 6


Type Detected
==========================
Processes.......: 0
Registry entries: 1
Hostfile entries: 0
Files...........: 1
Folders.........: 0
LSPs............: 0
Cookies.........: 4
Browser hijacks.: 0
MRU objects.....: 0



Removed items:
Description: *2o7* Family Name: Cookies Clean status: Success Item ID: 408943 Family ID: 0
Description: *metriweb* Family Name: Cookies Clean status: Success Item ID: 408990 Family ID: 0
Description: *statcounter* Family Name: Cookies Clean status: Success Item ID: 409185 Family ID: 0
Description: *wunderloop* Family Name: Cookies Clean status: Success Item ID: 599639 Family ID: 0

Quarantined items:
Description: C:\Program Files\Acer GameZone\Backspin Billiards\Backspin.exe Family Name: Win32.TrojanDownloader.Agent Clean status: Success Item ID: 553374 Family ID: 1001
Description: HKU:S-1-5-21-290604711-6333423-4074240972-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced:Hidden Family Name: Win32.TrojanDownloader.Agent Clean status: Success Item ID: 414374 Family ID: 1001

Scan and cleaning complete: Finished correctly after 3750 seconds

*********************************** Settings ***********************************

Scan profile:
ID: full, enabled:1, value: Vol. scan
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: scanrootkits, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: normal, domain: normal,off,silently
ID: displaystatus, enabled:1, value: false
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: autodetectproxy, enabled:1, value: false
ID: useautoconfigscript, enabled:1, value: false
ID: autoconfigurl, enabled:0, value:
ID: useproxy, enabled:1, value: false
ID: proxyserver, enabled:0, value:
ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily, enabled:1, value: Daily
ID: time, enabled:1, value: Thu May 28 13:29:00 2009
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly, enabled:1, value: Weekly
ID: time, enabled:1, value: Thu May 28 13:29:00 2009
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: true
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: true
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: language, enabled:1, value: nl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true
ID: loadatstartup, enabled:1, value: true
ID: usespywareheuristics, enabled:0, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: strict, domain: medium,mild,strict
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant


****************************** System information ******************************
Computer name: PC_VAN_ELYESA
Processor name: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Processor identifier: x86 Family 6 Model 15 Stepping 13
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3853, number of processors 2
Physical memory available: 1827676160 bytes
Physical memory total: 3145859072 bytes
Virtual memory available: 1998856192 bytes
Virtual memory total: 2147352576 bytes
Memory load: 41%
Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Windows startup mode:

Running processes:
PID: 560 name: C:\Windows\System32\smss.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 628 name: C:\Windows\System32\csrss.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 672 name: C:\Windows\System32\wininit.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 684 name: C:\Windows\System32\csrss.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 728 name: C:\Windows\System32\services.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 748 name: C:\Windows\System32\lsass.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 756 name: C:\Windows\System32\lsm.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 804 name: C:\Windows\System32\winlogon.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 972 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1088 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1136 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1220 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1248 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1260 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1416 name: C:\Windows\System32\SLsvc.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1460 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1616 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1728 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1848 name: C:\Windows\System32\spoolsv.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1876 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 336 name: C:\Windows\System32\agrsmsvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 400 name: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 476 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 568 name: C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 620 name: C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1216 name: C:\Program Files\Acer\Empowering Technology\Service\ETService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1716 name: C:\Program Files\AVG\AVG8\avgrsx.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1888 name: C:\PROGRA~1\AVG\AVG8\avgnsx.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2156 name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2172 name: C:\Program Files\Google\Update\GoogleUpdate.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2248 name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2292 name: C:\ACER\Mobility Center\MobilityService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2396 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2660 name: C:\Windows\System32\taskeng.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2684 name: C:\Windows\System32\dwm.exe owner: elyesa domain: PC_van_elyesa
PID: 2700 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2724 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 2772 name: C:\Program Files\Cyberlink\Shared files\RichVideo.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2792 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 2824 name: C:\Windows\explorer.exe owner: elyesa domain: PC_van_elyesa
PID: 2932 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2964 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3244 name: C:\Windows\System32\taskeng.exe owner: elyesa domain: PC_van_elyesa
PID: 3364 name: C:\PROGRA~1\AVG\AVG8\avgemc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3420 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3552 name: C:\Program Files\Java\jre6\bin\jusched.exe owner: elyesa domain: PC_van_elyesa
PID: 3732 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: elyesa domain: PC_van_elyesa
PID: 3808 name: C:\Program Files\AVG\AVG8\avgtray.exe owner: elyesa domain: PC_van_elyesa
PID: 3816 name: C:\Windows\ehome\ehtray.exe owner: elyesa domain: PC_van_elyesa
PID: 3824 name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: elyesa domain: PC_van_elyesa
PID: 3860 name: C:\Program Files\Windows Media Player\wmpnscfg.exe owner: elyesa domain: PC_van_elyesa
PID: 3868 name: C:\Windows\ehome\ehmsas.exe owner: elyesa domain: PC_van_elyesa
PID: 3904 name: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE owner: elyesa domain: PC_van_elyesa
PID: 2232 name: C:\Program Files\AVG\AVG8\avgcsrvx.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2236 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 2864 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1488 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3668 name: C:\Windows\System32\wbem\unsecapp.exe owner: elyesa domain: PC_van_elyesa
PID: 1752 name: C:\Program Files\Internet Explorer\ieuser.exe owner: elyesa domain: PC_van_elyesa
PID: 5392 name: C:\Windows\System32\conime.exe owner: elyesa domain: PC_van_elyesa
PID: 5496 name: C:\Windows\System32\conime.exe owner: elyesa domain: PC_van_elyesa
PID: 4320 name: C:\Windows\System32\conime.exe owner: elyesa domain: PC_van_elyesa
PID: 4336 name: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3848 name: C:\Windows\System32\msiexec.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 4168 name: C:\Program Files\AVG\AVG8\avgui.exe owner: elyesa domain: PC_van_elyesa
PID: 5372 name: C:\Program Files\Internet Explorer\iexplore.exe owner: elyesa domain: PC_van_elyesa
PID: 6592 name: C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe owner: elyesa domain: PC_van_elyesa
PID: 7084 name: C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe owner: elyesa domain: PC_van_elyesa
PID: 2524 name: C:\Program Files\AVG\AVG8\avgscanx.exe owner: elyesa domain: PC_van_elyesa
PID: 7164 name: C:\Program Files\AVG\AVG8\avgcsrvx.exe owner: elyesa domain: PC_van_elyesa
PID: 7936 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: elyesa domain: PC_van_elyesa

Startup items:
Name: eRecoveryService
Name: BvtUtility
imagepath: C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe
Name: SunJavaUpdateSched
imagepath: "C:\Program Files\Java\jre6\bin\jusched.exe"
Name: Skytel
imagepath: Skytel.exe
Name: QuickTime Task
imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Name: Ad-Watch
imagepath: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
Name: AVG8_TRAY
imagepath: C:\PROGRA~1\AVG\AVG8\avgtray.exe
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: msnmsgr
imagepath: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Component Categories cache daemon
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Bootexecute items:
Name:
imagepath: autocheck autochk *

Running services:
Name: AeLookupSvc
displayname: Application Experience
Name: AgereModemAudio
displayname: Agere Modem Call Progress Audio
Name: Appinfo
displayname: Application Information
Name: AudioEndpointBuilder
displayname: Windows Audio Endpoint Builder
Name: Audiosrv
displayname: Windows Audio
Name: avg8emc
displayname: AVG Free8 E-mail Scanner
Name: avg8wd
displayname: AVG Free8 WatchDog
Name: BFE
displayname: Base Filtering Engine
Name: BITS
displayname: Background Intelligent Transfer Service
Name: Browser
displayname: Computer Browser
Name: BUNAgentSvc
displayname: NTI Backup Now 5 Agent Service
Name: CLHNService
displayname: CLHNService
Name: CryptSvc
displayname: Cryptographic Services
Name: DcomLaunch
displayname: DCOM Server Process Launcher
Name: Dhcp
displayname: DHCP Client
Name: Dnscache
displayname: DNS Client
Name: DPS
displayname: Diagnostic Policy Service
Name: EapHost
displayname: Extensible Authentication Protocol
Name: eDataSecurity Service
displayname: eDataSecurity Service
Name: EMDMgmt
displayname: ReadyBoost
Name: ETService
displayname: Empowering Technology Service
Name: Eventlog
displayname: Windows Event Log
Name: EventSystem
displayname: COM+ Event System
Name: fdPHost
displayname: Function Discovery Provider Host
Name: FDResPub
displayname: Function Discovery Resource Publication
Name: gpsvc
displayname: Group Policy Client
Name: IAANTMON
displayname: Intel(R) Matrix Storage Event Monitor
Name: idsvc
displayname: Windows CardSpace
Name: IKEEXT
displayname: IKE and AuthIP IPsec Keying Modules
Name: iphlpsvc
displayname: IP Helper
Name: KeyIso
displayname: CNG Key Isolation
Name: KtmRm
displayname: KtmRm for Distributed Transaction Coordinator
Name: LanmanServer
displayname: Server
Name: LanmanWorkstation
displayname: Workstation
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
displayname: LightScribeService Direct Disc Labeling Service
Name: lmhosts
displayname: TCP/IP NetBIOS Helper
Name: MMCSS
displayname: Multimedia Class Scheduler
Name: MobilityService
displayname: MobilityService
Name: MpsSvc
displayname: Windows Firewall
Name: msiserver
displayname: Windows Installer
Name: Netman
displayname: Network Connections
Name: netprofm
displayname: Network List-service
Name: NlaSvc
displayname: Network Location Awareness
Name: nsi
displayname: Network Store Interface-service
Name: NTIBackupSvc
displayname: NTI Backup Now 5 Backup Service
Name: NTISchedulerSvc
displayname: NTI Backup Now 5 Scheduler Service
Name: PcaSvc
displayname: Program Compatibility Assistant-service
Name: PlugPlay
displayname: Plug and Play
Name: PolicyAgent
displayname: IPsec Policy Agent
Name: ProfSvc
displayname: User Profile-service
Name: RasMan
displayname: Remote Access Connection Manager
Name: RichVideo
displayname: Cyberlink RichVideo Service(CRVS)
Name: RpcSs
displayname: Remote Procedure Call (RPC)
Name: SamSs
displayname: Security Accounts Manager
Name: Schedule
displayname: Task Scheduler
Name: seclogon
displayname: Secondary Logon
Name: SENS
displayname: System Event Notification-service
Name: ShellHWDetection
displayname: Shell Hardware Detection
Name: slsvc
displayname: Software Licensing
Name: Spooler
displayname: Print Spooler
Name: SSDPSRV
displayname: SSDP Discovery
Name: SstpSvc
displayname: SSTP-service (Secure Socket Tunneling Protocol)
Name: stisvc
displayname: WIA (Windows Image Acquisition)
Name: SysMain
displayname: Superfetch
Name: TabletInputService
displayname: Tablet PC Input-service
Name: TapiSrv
displayname: Telephony
Name: TermService
displayname: Terminal Services
Name: Themes
displayname: Themes
Name: TrkWks
displayname: Distributed Link Tracking Client
Name: upnphost
displayname: UPnP Device Host
Name: UxSms
displayname: Desktop Window Manager Session Manager
Name: W32Time
displayname: Windows Time
Name: WdiSystemHost
displayname: Diagnostic System Host
Name: WebClient
displayname: WebClient
Name: WerSvc
displayname: Windows Error Reporting-service
Name: WinDefend
displayname: Windows Defender
Name: WinHttpAutoProxySvc
displayname: WinHTTP Web Proxy Auto-Discovery-service
Name: Winmgmt
displayname: Windows Management Instrumentation
Name: Wlansvc
displayname: WLAN Auto Config
Name: WMPNetworkSvc
displayname: Windows Media Player Network Sharing-service
Name: WPDBusEnum
displayname: Portable Device Enumerator-service
Name: wscsvc
displayname: Security Center
Name: WSearch
displayname: Windows Search
Name: wuauserv
displayname: Windows Update
Name: wudfsvc
displayname: Windows Driver Foundation - User-mode Driver Framework

ayahel

Legacy Member
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@fastclick[2].txt:\fastclick.net.94ca190b;"Found Tracking cookie.Fastclick";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@fastclick[2].txt:\fastclick.net.c38980e4;"Found Tracking cookie.Fastclick";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt;"Found Tracking cookie.Webtrends";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\m.webtrends.com.b4ca7df0;"Found Tracking cookie.Webtrends";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@revsci[2].txt;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@revsci[2].txt:\revsci.net.2df99d79;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@revsci[2].txt:\revsci.net.44927ec;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@revsci[2].txt:\revsci.net.55564293;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@revsci[2].txt:\revsci.net.e9dbeb91;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt:\serving-sys.com.255d6f2f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt:\serving-sys.com.400f83f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt:\serving-sys.com.4b416ef8;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt:\serving-sys.com.606c3d3b;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt:\serving-sys.com.6a1cf9e8;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@serving-sys[1].txt:\serving-sys.com.c9034af6;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@trafficmp[2].txt;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
C:\Users\elyesa\AppData\Roaming\Microsoft\Windows\Cookies\Low\elyesa@trafficmp[2].txt:\trafficmp.com.a00e30b4;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"

Jurgenv1

Legacy Member
Post eens een hijackthis logje hier, uitleg staat bij de sticky's. :)

ayahel

Legacy Member
ik hoop dat dit is wat ge bedoeld????






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:49, on 30/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\elyesa\AppData\Local\Temp\Temp1_HiJackThis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = SafeSearch | Protect your Internet searches against spyware, viruses, phishing scams, and identity theft
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [BvtUtility] C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {3441B8F3-CFB6-4240-9099-1B3F88428FE9} (ChatLoader Control) - http://download.voice7.net/chatloader.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://80.237.209.20/objects/NpFv501.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate1c98df71e73f460) (gupdate1c98df71e73f460) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

--
End of file - 9414 bytes

Jurgenv1

Legacy Member
* Download Malwarebytes' Anti-Malware via hier of hier.

Dubbelklik mbam-setup.exe om het programma te installeren.
  • Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Launch Malwarebytes' Anti-Malware, Klik daarna op "finish".
  • Indien een update gevonden werd, zal het die downloaden en de laatste versie installeren.
  • Wanneer het programma volledig up to date is, selecteer "Perform Quick Scan", daarna klik Scan.
  • Het scannen kan een tijdje duren, dus wees geduldig.
  • Wanneer de scan voltooid is, klik OK, daarna "Show Results" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, daarna klik: Remove Selected.
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie extra nota onderaan)
  • De log wordt automatisch bewaard door MBAM die je kan zien door de "Logs" tab te klikken in MBAM.
  • Kopieer en plak de resultaten van de log in je volgend antwoord, samen met een nieuw HijackThislog.
Extra Nota:
Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

ayahel

Legacy Member
Malwarebytes' Anti-Malware 1.37
Database versie: 2196
Windows 6.0.6001 Service Pack 1

30/05/2009 21:33:02
mbam-log-2009-05-30 (21-33-02).txt

Scan type: Snelle Scan
Objecten gescand: 71427
Verstreken tijd: 8 minute(s), 12 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:37, on 30/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\windows defender\MSASCui.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = SafeSearch | Protect your Internet searches against spyware, viruses, phishing scams, and identity theft
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [BvtUtility] C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {3441B8F3-CFB6-4240-9099-1B3F88428FE9} (ChatLoader Control) - http://download.voice7.net/chatloader.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://80.237.209.20/objects/NpFv501.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate1c98df71e73f460) (gupdate1c98df71e73f460) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

--
End of file - 12205 bytes


ik kan geen msn instaleren op het einde van het instal stop het er is een HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\Currentversion\Drivers32 niet openen ofzoiets + installatieprogramma. hr:0x80070643

als ik combofix wil opene dan laad die maar komt plots windows media player tevoorschijn en combfix gaat dan opeens weg ik heb het zelfs in veilig modes gepr maar geen succes

vriendelijke groetjes :)

ayahel

Legacy Member
en nu kan ik ook niets luisteren op internet allee toch als ik op youtube muziek wil luisteren is er geen geluid wrm weet ik niet

alvast bedankt groetjes:)

ayahel

Legacy Member
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:37, on 30/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\windows defender\MSASCui.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = SafeSearch | Protect your Internet searches against spyware, viruses, phishing scams, and identity theft
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Zita portaal | Nieuws | Entertainment | Lifestyle | Fun | Business
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [BvtUtility] C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {3441B8F3-CFB6-4240-9099-1B3F88428FE9} (ChatLoader Control) - http://download.voice7.net/chatloader.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://80.237.209.20/objects/NpFv501.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate1c98df71e73f460) (gupdate1c98df71e73f460) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

--
End of file - 12205 bytes


ik kan geen msn instaleren op het einde van het instal stop het er is een HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\Cu rrentversion\Drivers32 niet openen ofzoiets + installatieprogramma. hr:0x80070643

plaese help mij zit al dagen zonder msn:(

alvast bedankt:)

ayahel

Legacy Member
Logfile created: 3/06/2009 20:6:24
Lavasoft Ad-Aware version: 8.0.5
Extended engine version: 8.1
User performing scan: elyesa

*********************** Definitions database information ***********************
Lavasoft definition file: 148.44
Extended engine definition file: 8.1

******************************** Scan results: *********************************
Scan profile name: Slim. scan (ID: smart)
Objects scanned: 35835
Objects detected: 24


Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 0
Folders.........: 0
LSPs............: 0
Cookies.........: 24
Browser hijacks.: 0
MRU objects.....: 0



Removed items:
Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0
Description: *.adtoma* Family Name: Cookies Clean status: Success Item ID: 409297 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Clean status: Success Item ID: 409172 Family ID: 0
Description: *apmebf* Family Name: Cookies Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Clean status: Success Item ID: 408910 Family ID: 0
Description: *casalemedia* Family Name: Cookies Clean status: Success Item ID: 409152 Family ID: 0
Description: *clickbank* Family Name: Cookies Clean status: Success Item ID: 408890 Family ID: 0
Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0
Description: *fastclick* Family Name: Cookies Clean status: Success Item ID: 408869 Family ID: 0
Description: *kontera* Family Name: Cookies Clean status: Success Item ID: 409363 Family ID: 0
Description: *webtrends* Family Name: Cookies Clean status: Success Item ID: 599640 Family ID: 0
Description: *metriweb* Family Name: Cookies Clean status: Success Item ID: 408990 Family ID: 0
Description: *statcounter* Family Name: Cookies Clean status: Success Item ID: 409185 Family ID: 0
Description: *tribalfusion* Family Name: Cookies Clean status: Success Item ID: 408785 Family ID: 0
Description: *webads* Family Name: Cookies Clean status: Success Item ID: 408780 Family ID: 0
Description: *wunderloop* Family Name: Cookies Clean status: Success Item ID: 599639 Family ID: 0
Description: *adserv* Family Name: Cookies Clean status: Success Item ID: 408921 Family ID: 0
Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0
Description: *metriweb* Family Name: Cookies Clean status: Success Item ID: 408990 Family ID: 0
Description: *.webmasterplan* Family Name: Cookies Clean status: Success Item ID: 409180 Family ID: 0
Description: *fastclick* Family Name: Cookies Clean status: Success Item ID: 408869 Family ID: 0
Description: *adultfriendfinder* Family Name: Cookies Clean status: Success Item ID: 409164 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Clean status: Success Item ID: 408964 Family ID: 0
Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0

Scan and cleaning complete: Finished correctly after 113 seconds

*********************************** Settings ***********************************

Scan profile:
ID: smart, enabled:1, value: Slim. scan
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: false
ID: scanhostsfile, enabled:1, value: false
ID: scanmru, enabled:1, value: false
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: folderstoscan, enabled:1, value:
ID: scanrootkits, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: false
ID: onlyexecutables, enabled:1, value: true
ID: skiplargerthan, enabled:1, value: 20480

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: normal, domain: normal,off,silently
ID: displaystatus, enabled:1, value: false
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: autodetectproxy, enabled:1, value: false
ID: useautoconfigscript, enabled:1, value: false
ID: autoconfigurl, enabled:0, value:
ID: useproxy, enabled:1, value: false
ID: proxyserver, enabled:0, value:
ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily, enabled:1, value: Daily
ID: time, enabled:1, value: Thu May 28 13:29:00 2009
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly, enabled:1, value: Weekly
ID: time, enabled:1, value: Thu May 28 13:29:00 2009
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: true
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: true
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: language, enabled:1, value: nl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:0, value: false
ID: networkprotection, enabled:0, value: false
ID: loadatstartup, enabled:1, value: true
ID: usespywareheuristics, enabled:0, value: true
ID: extendedengine, enabled:0, value: false
ID: useheuristics, enabled:0, value: false
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant


****************************** System information ******************************
Computer name: PC_VAN_ELYESA
Processor name: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Processor identifier: x86 Family 6 Model 15 Stepping 13
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3853, number of processors 2
Physical memory available: 1978986496 bytes
Physical memory total: 3145859072 bytes
Virtual memory available: 1968996352 bytes
Virtual memory total: 2147352576 bytes
Memory load: 37%
Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Windows startup mode:

Running processes:
PID: 564 name: C:\Windows\System32\smss.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 636 name: C:\Windows\System32\csrss.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 676 name: C:\Windows\System32\wininit.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 688 name: C:\Windows\System32\csrss.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 732 name: C:\Windows\System32\services.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 744 name: C:\Windows\System32\lsass.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 752 name: C:\Windows\System32\lsm.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 840 name: C:\Windows\System32\winlogon.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 992 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1056 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1104 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1192 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1220 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1252 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1388 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1408 name: C:\Windows\System32\SLsvc.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1440 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1604 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1836 name: C:\Windows\System32\spoolsv.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1864 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 2044 name: C:\Windows\System32\agrsmsvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 392 name: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 376 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 480 name: C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 580 name: C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 672 name: C:\Program Files\AVG\AVG8\avgrsx.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 724 name: C:\Program Files\Acer\Empowering Technology\Service\ETService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 980 name: C:\PROGRA~1\AVG\AVG8\avgnsx.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2104 name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2116 name: C:\Program Files\Google\Update\GoogleUpdate.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2224 name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2312 name: C:\ACER\Mobility Center\MobilityService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2372 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2468 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2500 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 2524 name: C:\Program Files\Cyberlink\Shared files\RichVideo.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2560 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 2632 name: C:\Windows\System32\svchost.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2692 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 2756 name: C:\PROGRA~1\AVG\AVG8\avgemc.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3028 name: C:\Program Files\AVG\AVG8\avgcsrvx.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3192 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3284 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 3972 name: C:\Windows\System32\taskeng.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 1892 name: C:\Windows\System32\taskeng.exe owner: elyesa domain: PC_van_elyesa
PID: 3524 name: C:\Windows\System32\dwm.exe owner: elyesa domain: PC_van_elyesa
PID: 3592 name: C:\Windows\explorer.exe owner: elyesa domain: PC_van_elyesa
PID: 728 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 4084 name: C:\Program Files\Java\jre6\bin\jusched.exe owner: elyesa domain: PC_van_elyesa
PID: 3812 name: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe owner: elyesa domain: PC_van_elyesa
PID: 3460 name: C:\Windows\PLFSetI.exe owner: elyesa domain: PC_van_elyesa
PID: 2428 name: C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe owner: elyesa domain: PC_van_elyesa
PID: 3956 name: C:\Windows\System32\igfxpers.exe owner: elyesa domain: PC_van_elyesa
PID: 4036 name: C:\Windows\System32\igfxsrvc.exe owner: elyesa domain: PC_van_elyesa
PID: 2868 name: C:\Windows\System32\igfxtray.exe owner: elyesa domain: PC_van_elyesa
PID: 3876 name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe owner: elyesa domain: PC_van_elyesa
PID: 3908 name: C:\Windows\System32\hkcmd.exe owner: elyesa domain: PC_van_elyesa
PID: 2956 name: C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe owner: elyesa domain: PC_van_elyesa
PID: 616 name: C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe owner: elyesa domain: PC_van_elyesa
PID: 1248 name: C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe owner: elyesa domain: PC_van_elyesa
PID: 1300 name: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe owner: elyesa domain: PC_van_elyesa
PID: 1316 name: C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe owner: elyesa domain: PC_van_elyesa
PID: 3320 name: C:\Program Files\Windows Media Player\wmpnscfg.exe owner: elyesa domain: PC_van_elyesa
PID: 1560 name: C:\Windows\RtHDVCpl.exe owner: elyesa domain: PC_van_elyesa
PID: 3008 name: C:\Windows\System32\wbem\unsecapp.exe owner: elyesa domain: PC_van_elyesa
PID: 2416 name: C:\Windows\ehome\ehtray.exe owner: elyesa domain: PC_van_elyesa
PID: 3488 name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: elyesa domain: PC_van_elyesa
PID: 4176 name: C:\Windows\ehome\ehmsas.exe owner: elyesa domain: PC_van_elyesa
PID: 4440 name: C:\Users\elyesa\AppData\Local\Temp\RtkBtMnt.exe owner: elyesa domain: PC_van_elyesa
PID: 5356 name: C:\Program Files\Synaptics\SynTP\SynTPHelper.exe owner: elyesa domain: PC_van_elyesa
PID: 4924 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 4688 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEEM domain: NT AUTHORITY
PID: 4892 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: elyesa domain: PC_van_elyesa
PID: 5684 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: elyesa domain: PC_van_elyesa

Startup items:
Name: msnmsgr
imagepath: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Component Categories cache daemon
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: eRecoveryService
Name: BvtUtility
imagepath: C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe
Name: SunJavaUpdateSched
imagepath: "C:\Program Files\Java\jre6\bin\jusched.exe"
Name: QuickTime Task
imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Name: Ad-Watch
imagepath: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
Name: AVG8_TRAY
imagepath: C:\PROGRA~1\AVG\AVG8\avgtray.exe
Name: Windows Defender
imagepath: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Name: SynTPEnh
imagepath: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Name: ProductReg
imagepath: "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
Name: PLFSetI
imagepath: C:\Windows\PLFSetI.exe
Name: PlayMovie
imagepath: "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
Name: Persistence
imagepath: C:\Windows\system32\igfxpers.exe
Name: LManager
imagepath: C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
Name: IgfxTray
imagepath: C:\Windows\system32\igfxtray.exe
Name: IAAnotif
imagepath: C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
Name: HotKeysCmds
imagepath: C:\Windows\system32\hkcmd.exe
Name: Google Desktop Search
imagepath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Name: ePower_DMC
imagepath: C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
Name: eDataSecurity Loader
imagepath: C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
Name: CLMLServer
imagepath: "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
Name: BkupTray
imagepath: "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
Name: ArcadeDeluxeAgent
imagepath: "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
Name: RtHDVCpl
imagepath: RtHDVCpl.exe
Name: Skytel
imagepath: Skytel.exe
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Bootexecute items:
Name:
imagepath: autocheck autochk *
Name:
imagepath: lsdelete

Running services:
Name: AeLookupSvc
displayname: Application Experience
Name: AgereModemAudio
displayname: Agere Modem Call Progress Audio
Name: Appinfo
displayname: Application Information
Name: AudioEndpointBuilder
displayname: Windows Audio Endpoint Builder
Name: Audiosrv
displayname: Windows Audio
Name: avg8emc
displayname: AVG Free8 E-mail Scanner
Name: avg8wd
displayname: AVG Free8 WatchDog
Name: BFE
displayname: Base Filtering Engine
Name: BITS
displayname: Background Intelligent Transfer Service
Name: Browser
displayname: Computer Browser
Name: BUNAgentSvc
displayname: NTI Backup Now 5 Agent Service
Name: CLHNService
displayname: CLHNService
Name: CryptSvc
displayname: Cryptographic Services
Name: DcomLaunch
displayname: DCOM Server Process Launcher
Name: Dhcp
displayname: DHCP Client
Name: Dnscache
displayname: DNS Client
Name: DPS
displayname: Diagnostic Policy Service
Name: EapHost
displayname: Extensible Authentication Protocol
Name: eDataSecurity Service
displayname: eDataSecurity Service
Name: EMDMgmt
displayname: ReadyBoost
Name: ETService
displayname: Empowering Technology Service
Name: Eventlog
displayname: Windows Event Log
Name: EventSystem
displayname: COM+ Event System
Name: fdPHost
displayname: Function Discovery Provider Host
Name: FDResPub
displayname: Function Discovery Resource Publication
Name: gpsvc
displayname: Group Policy Client
Name: IAANTMON
displayname: Intel(R) Matrix Storage Event Monitor
Name: IKEEXT
displayname: IKE and AuthIP IPsec Keying Modules
Name: iphlpsvc
displayname: IP Helper
Name: KeyIso
displayname: CNG Key Isolation
Name: KtmRm
displayname: KtmRm for Distributed Transaction Coordinator
Name: LanmanServer
displayname: Server
Name: LanmanWorkstation
displayname: Workstation
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
displayname: LightScribeService Direct Disc Labeling Service
Name: lmhosts
displayname: TCP/IP NetBIOS Helper
Name: MMCSS
displayname: Multimedia Class Scheduler
Name: MobilityService
displayname: MobilityService
Name: MpsSvc
displayname: Windows Firewall
Name: Netman
displayname: Network Connections
Name: netprofm
displayname: Network List-service
Name: NlaSvc
displayname: Network Location Awareness
Name: nsi
displayname: Network Store Interface-service
Name: NTIBackupSvc
displayname: NTI Backup Now 5 Backup Service
Name: NTISchedulerSvc
displayname: NTI Backup Now 5 Scheduler Service
Name: PcaSvc
displayname: Program Compatibility Assistant-service
Name: PlugPlay
displayname: Plug and Play
Name: PolicyAgent
displayname: IPsec Policy Agent
Name: ProfSvc
displayname: User Profile-service
Name: RasMan
displayname: Remote Access Connection Manager
Name: RichVideo
displayname: Cyberlink RichVideo Service(CRVS)
Name: RpcSs
displayname: Remote Procedure Call (RPC)
Name: SamSs
displayname: Security Accounts Manager
Name: Schedule
displayname: Task Scheduler
Name: seclogon
displayname: Secondary Logon
Name: SENS
displayname: System Event Notification-service
Name: ShellHWDetection
displayname: Shell Hardware Detection
Name: slsvc
displayname: Software Licensing
Name: Spooler
displayname: Print Spooler
Name: SSDPSRV
displayname: SSDP Discovery
Name: SstpSvc
displayname: SSTP-service (Secure Socket Tunneling Protocol)
Name: stisvc
displayname: WIA (Windows Image Acquisition)
Name: SysMain
displayname: Superfetch
Name: TabletInputService
displayname: Tablet PC Input-service
Name: TapiSrv
displayname: Telephony
Name: TermService
displayname: Terminal Services
Name: Themes
displayname: Themes
Name: TrkWks
displayname: Distributed Link Tracking Client
Name: upnphost
displayname: UPnP Device Host
Name: UxSms
displayname: Desktop Window Manager Session Manager
Name: W32Time
displayname: Windows Time
Name: WdiSystemHost
displayname: Diagnostic System Host
Name: WebClient
displayname: WebClient
Name: WerSvc
displayname: Windows Error Reporting-service
Name: WinDefend
displayname: Windows Defender
Name: WinHttpAutoProxySvc
displayname: WinHTTP Web Proxy Auto-Discovery-service
Name: Winmgmt
displayname: Windows Management Instrumentation
Name: Wlansvc
displayname: WLAN Auto Config
Name: WMPNetworkSvc
displayname: Windows Media Player Network Sharing-service
Name: WPDBusEnum
displayname: Portable Device Enumerator-service
Name: wscsvc
displayname: Security Center
Name: WSearch
displayname: Windows Search
Name: wuauserv
displayname: Windows Update
Name: wudfsvc
displayname: Windows Driver Foundation - User-mode Driver Framework

de bovenste is hjt en dit is ad aware ben het vergete bij te zette


sorry alvast en weeral bedankt:)

ayahel

Legacy Member
hoe doe ik dat??? wat meer uitleg zal mij helpen hoe en waar ik moet doen

sorry ken er niet veel van

alvast bedankt:)

Jurgenv1

Legacy Member
Heb je geen cd-rom van je moederbord waar al je drivers op staan? :)

ayahel

Legacy Member
windows vista

ik heb mijn laptop helemaal geformateerd alles is terug normaal behalve als ik die msn open dat ik nog steeds die berichten krijg ik klik er niet op ma hoe doe ik die weg die komen van mij ik krijg mijn berichten dus die virus iedereen die online is ook wat moet ik doen om daar vanaf te komen?
ik heb mijn pc niet echt geformateerd gewoon alles terug gedaan hoe ik het had gekocht door alt F10 te drukken bij het opstarten want cd had ik niet meegekregen die geven ze niet meer als je een pc koopt ik had het gevraagd aan de verkoopster:( dus heb ik het maar zo gedaan:)

alvast bedankt

ps...ik heb ook geen virusscanners ofzo op mijn laptop welke raad ge mij aan nu ik toch de hele pc heb geformateerd?????

:))

Jurgenv1

Legacy Member
Het zou best zijn om je account op msn te sluiten en een nieuwe te openen... Let wel, je moet hem effectief sluiten zodat alles gewist kan worden, anders blijft hij lekker door zenden naar iedereen. :)
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan