Vraag & Antwoord

Beveiliging & privacy

hijackthis logje omdat......

16 antwoorden
  • Hallo allemaal, Sommige pagina's op internet laden heel langzaam o.a. dit form, het form van tiscali en zo zijn er nog een paar. Alle scans op virus, maleware, enz.heb ik al gedaan. Zit te twijfelen om win.xp er opnieuw op te zetten, maar dacht misschien wil iemand mijn logje even bekijken. Als daar niets uit komt ga ik win. xp er eens fris opzetten en kijken of dit helpt. temp enz is ook al leeg flush dns ook. dus ben benieuwd. Al vast heel veel dank. groetjes Hans. Logfile of HijackThis v1.99.1 Scan saved at 13:35, on 06-09-16 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5700.0006) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTSvcCDA.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\NetMeter\NetMeter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\3M\PSNLite\PsnLite.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Webshots\WebshotsTray.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download" O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe" O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll" O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: E-mail.lnk = ? O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
  • Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:62a4c3bf09]Combofix[/b:62a4c3bf09][/url] naar je Bureaublad.[list:62a4c3bf09] Dubbelklik [b:62a4c3bf09]Combofix.exe[/b:62a4c3bf09] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:62a4c3bf09]NIET[/b:62a4c3bf09] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:62a4c3bf09] Wanneer de fix voltooid is en na herstart, zal de log [b:62a4c3bf09]combofix.txt[/b:62a4c3bf09] openen. [i:62a4c3bf09]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:62a4c3bf09] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • Hallo, Bedankt voor je reactie, heb combofix gedownload, maar als ik klik op instaleren krijg ik net een blauw scherm te zien en op het moment dat daar letters in komen floept het hele scherm weg. dus kan hem niet draaien. Heb virusscanner en alle andere progjes wat op de achtergrond draaid al uit gezet, maar helaas. Heeft het nu op dit ook te draien in de veilige modus? of heeft dit geen zin of kan het helemaal niet.
  • HR - 06-09-16 23:05:59.60 Service Pack 2 ComboFix 06.09.14 - Running from: C:\Documents and Settings\HR\Bureaublad ((((((((((((((((((((((((((((((( Files Created from 2006-08-16 to 2006-09-16 )))))))))))))))))))))))))))))))))) 2006-09-16 17:57 94,208 --a------ C:\WINDOWS\DEVREG.DLL 2006-09-16 17:57 24,576 --a------ C:\WINDOWS\system32\CTHELPER.EXE 2006-09-16 17:57 20,480 --a------ C:\WINDOWS\system32\ENSDEF.EXE 2006-09-16 17:57 155,648 --a------ C:\WINDOWS\system32\OPENAL32.DLL 2006-09-16 14:16 181,760 --a------ C:\WINDOWS\system32\AM-Install.exe 2006-09-09 16:22 121,856 --------- C:\WINDOWS\system32\xmllite.dll 2006-08-24 22:20 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe 2006-08-23 00:31 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-08-23 00:31 5,906,432 --------- C:\WINDOWS\system32\ieframe.dll 2006-08-23 00:31 457,728 --------- C:\WINDOWS\system32\msfeeds.dll 2006-08-23 00:31 175,616 --------- C:\WINDOWS\system32\ieui.dll 2006-08-23 00:18 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-08-23 00:13 11,776 --a------ C:\WINDOWS\system32\ieudinit.exe 2006-08-23 00:11 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-08-23 00:10 61,440 --------- C:\WINDOWS\system32\icardie.dll 2006-08-23 00:09 262,656 --------- C:\WINDOWS\system32\iertutil.dll 2006-08-22 23:36 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-09-16 14:52 -------- d-------- C:\Program Files\Ad Muncher 2006-09-15 10:02 -------- d-------- C:\Program Files\TomTom HOME 2006-09-14 23:32 -------- d-------- C:\Program Files\Foxit Software 2006-09-12 21:59 -------- d-------- C:\Program Files\Google 2006-09-12 20:43 -------- d-------- C:\Program Files\OfficeUpdate11 2006-09-11 22:47 -------- d-------- C:\Program Files\MSN Messenger 2006-09-11 22:40 -------- d---s---- C:\Documents and Settings\HR\Application Data\Microsoft 2006-09-11 22:25 -------- d-------- C:\Program Files\Windows Live Safety Center 2006-09-10 22:48 -------- d-------- C:\Program Files\SpywareBlaster 2006-09-10 22:47 -------- d-------- C:\Program Files\SpywareGuard 2006-09-10 22:03 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-09-09 16:48 -------- d--h----- C:\Program Files\Uninstall Information 2006-09-09 16:25 -------- d-------- C:\Program Files\Internet Explorer 2006-09-08 21:01 -------- d-------- C:\Program Files\IncrediMail 2006-09-05 22:40 -------- d-------- C:\Program Files\Avant Browser 2006-09-05 22:40 -------- d-------- C:\Program Files\ASUS 2006-09-05 22:39 -------- d-------- C:\Documents and Settings\HR\Application Data\Avant Browser 2006-08-27 16:33 -------- d-------- C:\Program Files\Simpli Software 2006-08-26 23:13 -------- d-------- C:\Program Files\Webshots 2006-08-25 00:07 -------- d-------- C:\Program Files\Gabest 2006-08-24 22:19 -------- d-------- C:\Program Files\ATI Technologies 2006-08-24 19:34 -------- d-------- C:\Program Files\Winamp 2006-08-23 00:31 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-08-23 00:31 225792 --a------ C:\WINDOWS\system32\webcheck.dll 2006-08-23 00:31 152064 --a------ C:\WINDOWS\system32\msls31.dll 2006-08-23 00:18 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-08-23 00:17 40448 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-08-23 00:17 105472 --a------ C:\WINDOWS\system32\url.dll 2006-08-23 00:17 100352 --a------ C:\WINDOWS\system32\occache.dll 2006-08-23 00:16 16896 --a------ C:\WINDOWS\system32\corpol.dll 2006-08-23 00:14 378368 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-08-23 00:14 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-08-23 00:13 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-08-23 00:13 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-08-23 00:13 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-08-23 00:13 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-08-23 00:13 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-08-23 00:13 122880 --a------ C:\WINDOWS\system32\advpack.dll 2006-08-23 00:10 35328 --a------ C:\WINDOWS\system32\imgutil.dll 2006-08-23 00:07 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-08-22 23:37 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-08-22 23:30 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-08-21 14:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-21 11:14 128896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys 2006-08-15 18:03 -------- d-------- C:\Documents and Settings\HR\Application Data\InstallShield 2006-08-13 22:19 -------- d-------- C:\Program Files\Shareaza 2006-08-13 19:16 -------- d-------- C:\Program Files\Kruidvat Fotoservice 2006-08-10 19:46 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-08-06 14:00 -------- d-------- C:\Documents and Settings\HR\Application Data\ATI 2006-08-05 11:58 -------- d-------- C:\Program Files\OpinionBar 2006-08-03 19:33 15360 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys 2006-08-03 19:33 14848 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys 2006-08-03 19:33 13824 --a------ C:\WINDOWS\system32\drivers\SSFS0509.sys 2006-08-03 19:33 117248 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys 2006-08-03 00:12 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll 2006-08-03 00:08 258048 --a------ C:\WINDOWS\system32\ati2dvag.dll 2006-08-03 00:07 1681920 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys 2006-08-03 00:02 86016 --a------ C:\WINDOWS\system32\ati2evxx.dll 2006-08-03 00:02 77824 --a------ C:\WINDOWS\system32\Oemdspif.dll 2006-08-03 00:02 41984 --a------ C:\WINDOWS\system32\ati2edxx.dll 2006-08-03 00:02 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe 2006-08-03 00:02 114688 --a------ C:\WINDOWS\system32\atipdlxx.dll 2006-08-03 00:01 401408 --a------ C:\WINDOWS\system32\ati2evxx.exe 2006-08-03 00:00 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL 2006-08-02 23:55 2373088 --a------ C:\WINDOWS\system32\ati3duag.dll 2006-08-02 23:51 2354720 --a------ C:\WINDOWS\system32\ativvaxx.dll 2006-08-02 23:49 6684672 --a------ C:\WINDOWS\system32\atioglx1.dll 2006-08-02 23:45 5136384 --a------ C:\WINDOWS\system32\atioglxx.dll 2006-08-02 23:41 208896 --a------ C:\WINDOWS\system32\atikvmag.dll 2006-08-02 23:40 303104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll 2006-08-02 23:40 17408 --a------ C:\WINDOWS\system32\atitvo32.dll 2006-08-02 23:35 286720 --a------ C:\WINDOWS\system32\ati2cqag.dll 2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-07-27 15:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-07-24 20:04 -------- d-------- C:\Program Files\World of Warcraft 2006-07-24 19:56 125264 --a------ C:\Documents and Settings\HR\Application Data\Cosmos Prefs 2006-07-21 10:29 72704 --a------ C:\WINDOWS\system32\hlink.dll 2006-07-17 21:25 -------- d-------- C:\Program Files\Microsoft Games 2006-06-30 00:13 53248 --a------ C:\WINDOWS\system32\KemXML.dll 2006-06-30 00:13 155648 --a------ C:\WINDOWS\system32\kemutb.dll 2006-06-30 00:13 110592 --a------ C:\WINDOWS\system32\KemWnd.dll 2006-06-30 00:12 126976 --a------ C:\WINDOWS\system32\KemUtil.dll 2006-06-29 08:05 26112 --------- C:\WINDOWS\system32\idndl.dll 2006-06-29 08:05 23552 --------- C:\WINDOWS\system32\normaliz.dll 2006-06-28 17:59 24576 --------- C:\WINDOWS\system32\nlsdl.dll 2006-06-22 07:17 69120 --a------ C:\WINDOWS\system32\ciodm.dll 2006-06-22 07:17 1440768 --a------ C:\WINDOWS\system32\query.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "STYLEXP"="\"C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe\" -Hide" "IE New Window Maximizer"="\"C:\\Program Files\\IE New Window Maximizer\\iemaximizer.exe\"" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\"" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "IncrediMail"="\"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe\" /c" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\"" "TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s" "SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe\" /startintray" "Ptipbmf"="\"rundll32.exe\" ptipbmf.dll,SetWriteCacheMode" "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE" "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb08.exe" "CTSysVol"="\"C:\\Program Files\\Creative\\SBAudigy2\\Surround Mixer\\CTSysVol.exe\"" "CTHelper"="CTHELPER.EXE" "BluetoothAuthenticationAgent"="\"rundll32.exe\" bthprops.cpl,,BluetoothAuthenticationAgent" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "Ad Muncher"="\"C:\\Program Files\\Ad Muncher\\AdMunch.exe\" /bt" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled] "HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] "c_usdir"="cmd /C \"rmdir /Q C:\\WINDOWS\\system32\\Macromed\\Download\"" "b_usexe"="cmd /C \"del C:\\WINDOWS\\system32\\Macromed\\Download\\Download.exe\"" "a_usdll"="cmd /C \"del C:\\WINDOWS\\system32\\Macromed\\Download\\Download.dll\"" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Mijn huidige introductiepagina" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=dword:40000004 "OriginalStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,\ 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{81559C35-8464-49F7-BB0E-07A383BEF910}"="SpywareGuard" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoLogoff"=dword:00000000 "ClearRecentDocsOnExit"=hex:01,00,00,00 "NoUserNameInStartMenu"=hex:01,00,00,00 "NoBandCustomize"=dword:00000000 "NoMovingBands"=dword:00000000 "NoCloseDragDropBands"=dword:00000000 "NoSetTaskbar"=dword:00000000 "NoToolbarsOnTaskbar"=dword:00000000 "NoSaveSettings"=dword:00000000 "NoActiveDesktop"=dword:00000000 "ClassicShell"=dword:00000000 "NoTrayItemsDisplay"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoFileAssociate"=dword:00000000 "LinkResolveIgnoreLinkInfo"=dword:00000000 "NoResolveSearch"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "TuneUp MemOptimizer"="\"C:\\Program Files\\TuneUp Utilities 2006\\MemOptimizer.exe\" autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-] "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Click Maintenance.job Completion time: 06-09-16 23:07:20.56 ComboFix.txt Hijackthis 2E Logfile of HijackThis v1.99.1 Scan saved at 23:08, on 06-09-16 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5700.0006) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ad Muncher\AdMunch.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\CTSvcCDA.EXE C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\NetMeter\NetMeter.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\3M\PSNLite\PsnLite.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Program Files\Webshots\WebshotsTray.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download" O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe" O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll" O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: E-mail.lnk = ? O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe dan toch een log, hoop dat je hier iets mee kunt
  • Probeer deze eens aub. Download [url=http://www.atribune.org/ccount/click.php?id=4][b:5759f0a9e8][color=red:5759f0a9e8]VundoFix.exe[/color:5759f0a9e8][/b:5759f0a9e8][/url] naar je bureaublad.[list:5759f0a9e8] [*:5759f0a9e8]Dubbelklik [b:5759f0a9e8]VundoFix.exe[/b:5759f0a9e8] om het te starten. [*:5759f0a9e8]Zet een vinkje naast: [b:5759f0a9e8]Run VundoFix as a task.[/b:5759f0a9e8] [*:5759f0a9e8]Je zal een melding krijgen dat Vundofix zal sluiten en daarna terug openen. Klik [b:5759f0a9e8]OK[/b:5759f0a9e8] [*:5759f0a9e8]Wanneer VundoFix opnieuw opent, klik de [b:5759f0a9e8]Scan for Vundo[/b:5759f0a9e8] knop. [*:5759f0a9e8]Eenmaal gedaan met scannen, klik de [b:5759f0a9e8]Remove Vundo[/b:5759f0a9e8] knop. [*:5759f0a9e8]Je zal een melding krijgen of je de bestanden wilt laten verwijderen, klik [b:5759f0a9e8]YES[/b:5759f0a9e8] [*:5759f0a9e8]Nadat je Yes hebt geklikt, zullen de icoontjes op je bureaublad verdwijnen tijdens het verwijderen van Vundo. [*:5759f0a9e8]Wanneer voltooid zal je de melding krijgen dat het je PC zal afsluiten, klik [b:5759f0a9e8]OK[/b:5759f0a9e8]. [*:5759f0a9e8]Start je pc terug opnieuw op. [*:5759f0a9e8]Post de inhoud van [b:5759f0a9e8]C:\vundofix.txt[/b:5759f0a9e8] en een nieuwe hijackthislog in je volgende post. [/list:u:5759f0a9e8] Note: Het is mogelijk dat vundofix een bestand gevonden heeft dat niet kon verwijderd worden. In dit geval zal VundoFix na het heropstarten van je pc nog eens opstarten. Dan moet je de instructies van hierboven nog eens uitvoeren vanaf: "Click the [b:5759f0a9e8]Scan for Vundo[/b:5759f0a9e8]."
  • Heb vundofix gedownload, versie v1.6.5, moet zeggen ik had 2 knoppen en kon nergens vinkje zetten. heb dus scan for vundo gedaan en heeft niets gevonden, vandaar ook geen log's erbij gedaan. nogmaals had twee knoppen scan en remove.
  • Mag ik nog een nieuw HJT logje van je en vertel gelijk of je problemen al minder zijn.
  • Hier is hij weer, het laden van de pagina's gaat soms goed dan weer zeer traag. Als ik naar de home page van tiscali ga ( www.tiscali.nl ) dan heb ik de site normaal, klik ik daar op diensten/form/internet dan gaat dat weer zeer traag. Als ik naar de home page ga van computertotaal heb ik soms alleen de blauwe achtergrond soms komt hij als ik 2 of 3 keer de page vernieuw wel, soms komt hij ook als ik zeker 20 sec ( ja soms ook langer ) wacht. Dit maar even ter info. hierbij een nieuwe hijack log. Alleen doen als je zin en tijd heb hoor, ik heb er ook geen haast mee. als je er geen zin meer in heb gewoon even zeggen even goede vrienden. Groetjes Hans Logfile of HijackThis v1.99.1 Scan saved at 17:45, on 06-09-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5700.0006) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ad Muncher\AdMunch.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\NetMeter\NetMeter.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\3M\PSNLite\PsnLite.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Webshots\WebshotsTray.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\WINDOWS\system32\CTSvcCDA.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download" O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe" O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll" O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: E-mail.lnk = ? O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
  • Nee hoor wat ik begin maak ik af , ik heb geduld zat. Ik ga zo snel als kan even kijken voor je. hoop info dus kan even duren.
  • Hallo weer, -Zorg dat de verborgen bestanden en systeembestanden worden weergegeven. (klik hier ( http://users.telenet.be/marcvn/spyware/1117602.htm ) voor hulp) Start HJT opnieuw en doe een systemscan only vink onderstaande regels aan sluit alle vensters behalve die van HJT en klik op fix checked. [b:b8a56a50af]O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download" O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe"[/b:b8a56a50af] Download [url=http://www.atribune.org/ccount/click.php?id=1][b:b8a56a50af]ATF cleaner[/b:b8a56a50af][/url] (by Atribune) Dubbelklik op ATF cleaner om het programma te starten. Op het tabblad "Main", plaats je een vinkje bij [b:b8a56a50af]Select All[/b:b8a56a50af]. Klik op de knop [b:b8a56a50af]Empty Selected[/b:b8a56a50af]. Gebruik je ook Firefox als browser: Klik op tabblad "Firefox", plaats een vinkje bij [b:b8a56a50af]Select All[/b:b8a56a50af]. Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". (dit verwijdert het vinkje bij "Firefox saved passwords") Klik op de knop [b:b8a56a50af]Empty Selected[/b:b8a56a50af]. Gebruik je ook Opera als browser: Klik op tabblad "Opera", plaats een vinkje bij [b:b8a56a50af]Select All[/b:b8a56a50af]. Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". Klik op de knop [b:b8a56a50af]Empty Selected[/b:b8a56a50af]. Ga naar het tabblad "Main" en klik op de knop [b:b8a56a50af]Exit[/b:b8a56a50af] om het programma af te sluiten. Start opnieuw op en plaats een nieuw logje aub. Juisterr
  • opinionbar heb ik toch nog even laten staan, dit omdat mijn vrouw dit nodig heeft. Wel heb ik zoiets van als we alles hebben gehad en het probleem blijft bestaan doe ik dit als nog. Atf cleaner had ik al, heb hem wel nu net even gedraait en hierbij de nieuwe hij log.
  • [quote:818f3c6bb7="Hans1"]opinionbar heb ik toch nog even laten staan, dit omdat mijn vrouw dit nodig heeft. Wel heb ik zoiets van als we alles hebben gehad en het probleem blijft bestaan doe ik dit als nog. Atf cleaner had ik al, heb hem wel nu net even gedraait en hierbij de nieuwe hij log.[/quote:818f3c6bb7] tja :-? http://www.softwaretipsandtricks.com/browser_helper_objects/366-Myiemonitordll.html
  • Ik heb het gelezen, misschien vannavond nog, anders morgen gaat hij eraf. Daarna zal ik nog even hij.logje neer zetten. alvast bedankt voor je tijd en inspanning tot nu toe. GR.Hans
  • Hallo, ietsje later maar hij is er af hierbij het logje Groetjes Hans p.s.het lijkt al beter te gaan moet het wel even in de gaten houden, dit omdat het soms goed gaat en dan weer niet. Logfile of HijackThis v1.99.1 Scan saved at 23:50, on 06-09-21 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5700.0006) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\WINDOWS\system32\CTSvcCDA.EXE C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\NetMeter\NetMeter.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\3M\PSNLite\PsnLite.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Program Files\Webshots\WebshotsTray.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download" O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe" O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll" O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: E-mail.lnk = ? O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer\nunwslzr.exe O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
  • Echt ernstige dingen zie ik niet meer Hans. Misschien zou je het geheugen een beetje moeten verhogen, dat scheelt vaak een hoop. Als je bv een geheugenbankje van 512 hebt kan je er een extra bij doen.
  • Nogmaals bedankt, we laten het zo het werkt nog steeds. Het geheugen laat ik maar zitten, dat is al 2 GB en wel meer dan genoeg :wink: groetjes Hans.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.