Vraag & Antwoord

Beveiliging & privacy

Hijack this log - pc doet raar

16 antwoorden
  • Beste allemaal, Ik heb op een link geklikt :oops: waarna er allemaal rare dingen gebeurde met mijn PC. Bij het opstarten wordt de windows firewall uitgeschakeld, de bitdefender antivirus software uitgeschakeld en de internetconnectie moet ik iedere keer manueel activeren dmv "repair network". Zou iemand mijn hijack log kunnen bekijken om te zien of daar iets tussen staat dat al deze miserie veroorzaakt. Bedankt voor jullie hulp! Logfile of HijackThis v1.99.1 Scan saved at 19:12:35, on 6-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Norton Ghost\Agent\GhostTray.exe C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\Program Files\OO Software\CleverCache\ooccag.exe C:\WINDOWS\system32\PDFCreatorMessages.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\fxssvc.exe C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Documents and Settings\Jan Billekens\Desktop\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Surfing on internet together with Jan R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [PDFCreatorClient] C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://secure.securex.be/Citrix/ICAWEB/en/ica32/wficac.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  • Start de fix via deze link [url=http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=167155]klik hierop deze link kan je vertrouwen, absoluut veilig, installeert alleen maar rommel meer niet[/url] Start HJT opnieuw en doe een systemscan only vink onderstaande regels aan sluit alle vensters behalve hjt en klik op fix checked. [b:0f6d564f4f]O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} – O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) –[/b:0f6d564f4f] Nu zonder gekheid. Download en installeer [url=http://www.ewido.net/en/download/][b:0f6d564f4f]AVG Anti-Spyware[/b:0f6d564f4f][/url].[list:0f6d564f4f] Na de installatie, open AVG Anti-Spyware: * onder "[b:0f6d564f4f]Status[/b:0f6d564f4f]", klik op [b:0f6d564f4f]Change state[/b:0f6d564f4f] naast "Resident shield". (wijzig van active naar [b:0f6d564f4f]inactive[/b:0f6d564f4f]!) * onder "[b:0f6d564f4f]Update[/b:0f6d564f4f]", klik op de [b:0f6d564f4f]Start update[/b:0f6d564f4f] knop. * onder "[b:0f6d564f4f]Scanner[/b:0f6d564f4f]", tab "Settings":[list:0f6d564f4f]- onder "How to act?", klik op "[u:0f6d564f4f]Recommended actions[/u:0f6d564f4f]" en selecteer [b:0f6d564f4f]Quarantine[/b:0f6d564f4f]. ([b:0f6d564f4f]ZEER BELANGRIJK![/b:0f6d564f4f]) * onder "Reports", selecteer [b:0f6d564f4f]Automatically generate report after every scan[/b:0f6d564f4f] en [u:0f6d564f4f]verwijder[/u:0f6d564f4f] het vinkje bij [b:0f6d564f4f]Only if threats were found[/b:0f6d564f4f][/list:u:0f6d564f4f] Sluit AVG Anti-Spyware. Laat het [b:0f6d564f4f]nog niet[/b:0f6d564f4f] scannen.[/list:u:0f6d564f4f] Start op in [url=http://www.hijackthis.nl/veiligemodus.html]veilige modus[/url] Start [b:0f6d564f4f]AVG Anti-Spyware[/b:0f6d564f4f].[list:0f6d564f4f]* Klik op [b:0f6d564f4f]Scan[/b:0f6d564f4f] en kies [b:0f6d564f4f]Complete System Scan[/b:0f6d564f4f]. Na de scan; volg onderstaande instructies : [color=blue:0f6d564f4f]BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt ![/color:0f6d564f4f] * Draag er zorg voor dat [b:0f6d564f4f]Set all elements to[/b:0f6d564f4f]: op [b:0f6d564f4f]Quarantine[/b:0f6d564f4f] staat [color=blue:0f6d564f4f](1)[/color:0f6d564f4f], zoniet klik op de link en kies [b:0f6d564f4f]Quarantine[/b:0f6d564f4f] in de popup menu.[color=blue:0f6d564f4f] (2)[/color:0f6d564f4f] (Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !) * Onderaan het venster klik op de [b:0f6d564f4f]Apply all Actions[/b:0f6d564f4f] knop. [color=blue:0f6d564f4f](3)[/color:0f6d564f4f] [img:0f6d564f4f]http://home.scarlet.be/~topalex/ewidoscan.jpg[/img:0f6d564f4f] * Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop [b:0f6d564f4f]Save Report[/b:0f6d564f4f]. * Klik in het menu bovenaan op [b:0f6d564f4f]Reports[/b:0f6d564f4f]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.[/list:u:0f6d564f4f] Succes
  • Beste JuisterrBedankt voor je antwoord. Ik heb gedaan wat je zei, en hieronder vind je het log: --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 21:37:50 6-11-2006 + Scan result: C:\Documents and Settings\Jan Billekens\Cookies\jan billekens@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Jan Billekens\Cookies\jan billekens@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Jan Billekens\Cookies\jan billekens@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned. C:\Documents and Settings\Jan Billekens\Cookies\jan billekens@yadro[2].txt -> TrackingCookie.Yadro : Cleaned. ::Report end
  • Niet op de link geklikt? :D :wink: Mag ik ook nog een nieuw HJT logje van je ter controle. :roll:
  • Beste Juisterr Hier is het log: Logfile of HijackThis v1.99.1 Scan saved at 22:05:50, on 6-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Norton Ghost\Agent\GhostTray.exe C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe C:\WINDOWS\Mixer.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\OO Software\CleverCache\ooccctrl.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\Program Files\OO Software\CleverCache\ooccag.exe C:\WINDOWS\system32\PDFCreatorMessages.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Shareaza\Shareaza.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe c:\progra~1\softwin\bitdef~1\bdlite.exe C:\Documents and Settings\Jan Billekens\Desktop\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Surfing on internet together with Jan R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [PDFCreatorClient] C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://secure.securex.be/Citrix/ICAWEB/en/ica32/wficac.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Enne, die link verwijst inderdaad naar rommel :wink: : zal me leren om zomaar op onbekende linken te klikken. :-?
  • start HJT opnieuw en doe een systemscan only, vink onderstaande regels aan en klik op fix checked. [b:d6f2753a4c]O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -[/b:d6f2753a4c] Start opnieuw op en maak een nieuw HJT logje. Hoe is het met de problemen. :D
  • Gedaan Hier is de hijack log: Logfile of HijackThis v1.99.1 Scan saved at 8:27:58, on 7-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Norton Ghost\Agent\GhostTray.exe C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\OO Software\CleverCache\ooccctrl.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\Program Files\OO Software\CleverCache\ooccag.exe C:\WINDOWS\system32\PDFCreatorMessages.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\system32\fxssvc.exe C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Documents and Settings\Jan Billekens\Desktop\hijackthis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Surfing on internet together with Jan R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [PDFCreatorClient] C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://secure.securex.be/Citrix/ICAWEB/en/ica32/wficac.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  • Download [url=http://www.ccleaner.com/]Ccleaner[/url] update hem en doe een scan (aan de linkerkant staan icoons, eerst die met het stoffertje doen, laat hem scannen en doe daarna opschonen, twee keer opschonen) Daaronder staat een icoon met problemen, klik die aan en doe een scan, klik op fouten reparen (indien fouten aanwezig) en maak een backupmapje op je pc. Leeg je temp-mappen ( [color=blue:adaa4d87fe]NB de mappen leegmaken, niet verwijderen[/color:adaa4d87fe] !): C:\Documents and Settings\<Gebruikersnaam>\Local Settings\ [b:adaa4d87fe]Temp [/b:adaa4d87fe] C:\Documents and Settings\gebruikersnaam\Local Settings\[b:adaa4d87fe]Temporary [/b:adaa4d87fe][b:adaa4d87fe]Internet Files[/b:adaa4d87fe] C:\Documents and Settings\gebruikersnaam\Local Settings\[b:adaa4d87fe]Temporary [/b:adaa4d87fe][b:adaa4d87fe]Internet Files\content.ie5[/b:adaa4d87fe] Als deze map niet wordt weergegeven, ga dan naar de map temporary internet files en type er [b:adaa4d87fe]\content.ie5[/b:adaa4d87fe] achter in de adresbalk en klik enter. C:\Windows\[b:adaa4d87fe]Temp[/b:adaa4d87fe] hoe is het met de problemen?
  • Bedankt Juisterr, Alles uitgevoerd. Het probleem met opstarten blijft nog steeds: - Microsoft firewall schakelt zich eerst uit en later aan. - Lan maakt geen verbinding met internet gateway. Ik moet dit manueel via repair zelf doen. - Bitdefender schakelt zich in het begin zelf uit en pas later weer in Heb je een idee? [/img]
  • Ga naar Configuratiescherm - Internetopties - tabblad Programma’s. Klik op de knop 'Webinstellingen herstellen'. Ga naar Configuratiescherm - Internet-opties - tabblad Beveiliging - klik op 'Standaardniveau' en 'ok'. Ga naar Configuratiescherm - Internet-opties - Privacy en zet de schuifregelaar voor de instellingen met betrekking tot het toestaan van Cookies op 'Normaal'. Probeer onderstaande tooltjes eens: Download dit bestand, iefix.exe http://www.hitmanpro.nl/iefix.exe Dubbelklik op iefix.exe en voer het programma uit. Probeer ook deze IEFIX eens: http://windowsxp.mvps.org/IEFIX.htm Mogelijk wordt gevraagd om je Windows installatieCD. Herstart je PC en kijk of er verbetering is
  • Ik heb na veel twijfelen toch maar op de link geklikt :wink: MHet het uitvoeren van de door jou vermelde taken heb ik de pc weer opnieuw opgestart, maar de problemen blijven zich voordoen. Windowsdefender geeft steeds een melding voor "Sockspy.dll" en "MpCmdrun.exe". Heeft dat er iets mee te maken? :-?
  • O20 TypeAppInit_DLLs NamePath/Filesockspy.dllStatus L DescriptionBitDefender Pro http://www.castlecops.com/o20list-55.html << veilig http://www.liutilities.com/products/wintaskspro/processlibrary/mpcmdrun/ << veilig http://www.processlibrary.com/directory/files/mpcmdrun/ << veilig nee dat is het niet, wellicht zit het ergens in de quarantine box van je virusscanner, leeg die boxen. Ff zoeken Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:d9e3c520e9]Combofix[/b:d9e3c520e9][/url] naar je Bureaublad.[list:d9e3c520e9] Dubbelklik [b:d9e3c520e9]Combofix.exe[/b:d9e3c520e9] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:d9e3c520e9]NIET[/b:d9e3c520e9] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:d9e3c520e9] Wanneer de fix voltooid is en na herstart, zal de log [b:d9e3c520e9]combofix.txt[/b:d9e3c520e9] openen. [i:d9e3c520e9]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:d9e3c520e9] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren. Plaats een nieuw Logje van HJT aub.
  • Deze keer wordt het een lange, met de twee logjes. Daar gaan we: :P COMBOFIX Jan Billekens - 06-11-07 20:30:33,32 Service Pack 2 ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Jan Billekens\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2006-10-07 to 2006-11-07 )))))))))))))))))))))))))))))))))) 2006-11-07 20:29 352,264 --a------ C:\U.exe 2006-11-06 20:33 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2006-11-05 20:35 34,308 --a------ C:\WINDOWS\system32\bassmod.dll 2006-10-25 18:00 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe 2006-10-25 18:00 103,936 --------- C:\WINDOWS\system32\pxinsi64.exe 2006-10-25 18:00 10,752 --------- C:\WINDOWS\system32\pxwma.dll 2006-10-21 16:57 18,944 --a------ C:\WINDOWS\system32\simptcp.dll 2006-10-21 16:10 302,592 --a------ C:\WINDOWS\unin0413.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-11-07 19:27 -------- d-------- C:\Program Files\Internet Explorer 2006-11-07 09:08 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\Canon 2006-11-06 20:33 -------- d-------- C:\Program Files\Grisoft 2006-11-05 19:35 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\Skype 2006-11-04 12:05 -------- d-------- C:\Program Files\Lavasoft 2006-11-04 10:52 -------- d-------- C:\Program Files\Windows Defender 2006-11-03 17:37 -------- d---s---- C:\Documents and Settings\Jan Billekens\Application Data\Microsoft 2006-11-02 20:59 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\OfficeUpdate12 2006-11-02 20:40 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-11-02 18:28 -------- d-------- C:\Program Files\Open Workbench 2006-10-28 11:14 -------- d-------- C:\Program Files\Pegasys Inc 2006-10-28 11:01 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-25 19:06 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\Pegasys Inc 2006-10-22 13:46 -------- d-------- C:\Program Files\DebugMode 2006-10-21 19:37 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\Sun 2006-10-21 18:54 -------- d-------- C:\Program Files\Common Files\Java 2006-10-21 18:54 -------- d-------- C:\Program Files\Common Files 2006-10-20 14:15 -------- d-------- C:\Program Files\Windows Installer Clean Up 2006-10-20 14:15 -------- d-------- C:\Program Files\MSECACHE 2006-10-14 11:24 -------- d-------- C:\Program Files\MSXML 4.0 2006-10-12 06:42 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\ICAClient 2006-10-07 15:23 -------- d-------- C:\Program Files\Family Matters 97 2006-09-30 09:18 524288 --a------ C:\WINDOWS\opuc.dll 2006-09-30 09:01 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\CursorArts 2006-09-30 08:40 -------- d-------- C:\Program Files\RADVideo 2006-09-21 17:42 -------- d-------- C:\Program Files\Spector Photo Software 2006-09-17 18:46 -------- d-------- C:\Program Files\Sunbelt Software 2006-09-13 06:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll 2006-09-12 16:51 1245184 --a------ C:\WINDOWS\system32\msxml4.dll 2006-09-10 20:44 -------- d-------- C:\Documents and Settings\Jan Billekens\Application Data\ZipGenius 2006-08-25 16:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll 2006-08-21 13:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-16 12:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll 2006-08-03 16:35 599 --a------ C:\Program Files\INSTALL.LOG (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe" "ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE\"" "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\Monitor.exe -NoStart" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\"" "SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui" "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe" "IntelliType"="\"C:\\Program Files\\Microsoft Hardware\\Keyboard\\type32.exe\"" "PDFCreatorClient"="C:\\Program Files\\JawsSystems\\Jaws PDF Creator\\PDFClient.exe" "NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "Opware12"="\"C:\\Program Files\\ScanSoft\\OmniPagePro12.0\\Opware12.exe\"" "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"" "Norton Ghost 10.0"="\"C:\\Program Files\\Norton Ghost\\Agent\\GhostTray.exe\"" "BDMCon"="c:\\PROGRA~1\\softwin\\BITDEF~1\\bdmcon.exe" "BDNewsAgent"="\"c:\\progra~1\\softwin\\bitdef~1\\bdnagent.exe\"" "BDSwitchAgent"="\"c:\\progra~1\\softwin\\bitdef~1\\bdswitch.exe\"" "C-Media Mixer"="Mixer.exe /startup" "PaperPort PTD"="C:\\Program Files\\ScanSoft\\PaperPort\\pptd40nt.exe" "IndexSearch"="C:\\Program Files\\ScanSoft\\PaperPort\\IndexSearch.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,d2,03,00,00,23,00,00,00,1c,01,00,00,27,01,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoActiveDesktop"=dword:00000000 "NoSaveSettings"=dword:00000000 "ClassicShell"=dword:00000000 "NoThemesTab"=dword:00000000 "ForceActiveDesktopOn"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "DisableTaskMgr"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktopChanges"=dword:00000000 "NoCDBurning"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:91,00,00,00 "CDRAutoRun"=dword:00000000 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:91,00,00,00 "CDRAutoRun"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\MP Scheduled Scan.job Completion time: 06-11-07 20:31:12.29 C:\ComboFix.txt ... 06-11-07 20:31 HIJACK Logfile of HijackThis v1.99.1 Scan saved at 20:33:05, on 7-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Norton Ghost\Agent\GhostTray.exe C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Mixer.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\PDFCreatorMessages.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\Shareaza\Shareaza.exe C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe C:\Documents and Settings\Jan Billekens\Desktop\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [PDFCreatorClient] C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  • valt best mee hoor, ik ben wel wat gewend, Download [url=http://www.downloads.subratam.org/KillBox.exe][color=blue:3787542e0a][b:3787542e0a]KillBox![/b:3787542e0a][/color:3787542e0a][/url] naar je bureaublad. [b:3787542e0a]Selecteer[/b:3787542e0a] de onderstaande, vetgedrukte regels, door de linker muisknop ingedrukt te houden en van links boven naar rechts beneden te bewegen (het veld wordt blauw): [list:3787542e0a][b:3787542e0a]2006-11-07 20:29 352,264 --a------ C:\U.exe 2006-10-21 16:10 302,592 --a------ C:\WINDOWS\unin0413.exe[/b:3787542e0a][/list:u:3787542e0a] Klik met je rechtermuisknop in het blauwe veld en vervolgens op kopieeren [*] Start KillBox! door te dubbelklikken op het killbox icoontje [*] Open [b:3787542e0a]options[/b:3787542e0a] in het killbox menu en selecteer [b:3787542e0a]auto parse[/b:3787542e0a] [*] Open [b:3787542e0a]file[/b:3787542e0a] in het killboxmenu bovenaan en kies: [b:3787542e0a]Paste from clipboard[/b:3787542e0a] [*] [i:3787542e0a]Het vetgedrukte, dat je hebt geselecteerd en gekopiëerd, zal nu verschijnen in het veld bij Full Path of File to Delete. (Controleer dit eventueel door te klikken op het pijltje naast dat veld) Files die niet (meer) bestaan worden door killbox niet weergegeven[/i:3787542e0a] [*] kies de optie ('s) [b:3787542e0a]Delete on reboot[/b:3787542e0a] en [b:3787542e0a]unregister dll's before deleting.[/b:3787542e0a] [*] Klik op de knop [b:3787542e0a]All files[/b:3787542e0a]. [*] Klik op de rode cirkel met het wit kruisje erin. [*] Killbox! zal zeggen dat deze bestanden zullen verwijderd worden on reboot.. Klik YES [*] Wanneer Killbox! vraagt om nu te rebooten, klik je op YES. [*] [i:3787542e0a]Als je volgende boodschap krijgt: PendingFileRenameOperations Registry Data has been Removed by External Process! dan zal je handmatig moeten herstarten.[/i:3787542e0a][/list] Killbox zal nu je PC herstarten Verwijder na de herstart de map [b:3787542e0a]C:\!Killbox[/b:3787542e0a] Leeg daarna de prullenbak hoe is het nu met deklachten.
  • :D Bedankt Juisterr, de problemen zijn nu helemaal opgelost ! :D
  • Jippieeeeeeee een tevreden klant dat zien we graag. hier nog wat tips, http://www.jawwi.nl/tips/beveiligen.html

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.