Vraag & Antwoord

Beveiliging & privacy

Problemen computer hijackthis log

12 antwoorden
  • Geachte Al een tijdje ben ik aan het romellen ;) en niks werkt (hitman pro veiligemodus) Mijn hardeschijf maakt veel geluid ook tijdens het niks doen. Zonder dat de processor belast is is die heel erg traag? Ik heb trouwens ook last van een redirect ck.maxifiles.com. Misschien dat jullie het probleem weten? AMD 2600 1,5 gig intern 2 hardeschijven Hijacklog bestand: Logfile of HijackThis v1.99.1 Scan saved at 12:50:08, on 13-6-2001 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Iomega\REV System Software\RevUDF.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\locator.exe C:\Program Files\Spyware Doctor\svcntaux.exe C:\Program Files\Spyware Doctor\swdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\drivers\WDelMgr20.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\NETGEAR\SC101 Manager Utility\ZeteraService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\msdtc.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Iomega\REV System Software\imiconxp.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Doctor\SDTrayApp.exe D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Fast Launcher\fl.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE C:\PROGRA~1\INTERN~1\iexplore.exe C:\Program Files\GetRight\GETRIGHT.EXE D:\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {705DC4FC-EECF-437B-887A-240DF7D0E6F3} - (no file) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\pxcmbqlq.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: (no name) - {BDBC7B1E-C143-4F01-8DCD-8EA291BE2953} - C:\WINDOWS\system32\whtrhaul.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Iomega ImIconXP] C:\Program Files\Iomega\REV System Software\imiconxp.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe" O4 - HKCU\..\Run: [Hot Keyboard] D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe -minimized O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Answers... - file://C:\Program Files\1-Click Answers\Html\atiemenu.htm O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Assign &hot key - D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\IEScript.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{45D19BBA-7502-47BC-AF36-48F114CD8F25}: NameServer = 192.168.0.1,192.168.1.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: mllmn - C:\WINDOWS\system32\mllmn.dll (file missing) O20 - Winlogon Notify: ssqpomn - ssqpomn.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: RevUDFService - Iomega Corp - C:\Program Files\Iomega\REV System Software\RevUDF.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: WDelMgr20 - Unknown owner - C:\WINDOWS\system32\drivers\WDelMgr20.exe O23 - Service: Zetera - Zetera Corporation - C:\Program Files\NETGEAR\SC101 Manager Utility\ZeteraService.exe Alvast vriendelijk bedankt en hoop dat jullie raad weten. Vriendelijke groeten Dylan Wempe
  • Verander eerst even je eerste zin aub, je hebt dus lopen "rommelen"en niet k***en. Installeer hijackthis.exe bijv. in C:\Program Files\[b:f7ce51626d]Hijackthis[/b:f7ce51626d] Dit in verband met de backups die dit programma maakt. Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:f7ce51626d]Combofix[/b:f7ce51626d][/url] naar je Bureaublad.[list:f7ce51626d] Dubbelklik op [b:f7ce51626d]Combofix.exe[/b:f7ce51626d] Volg de instructies, aanvaard de disclaimer door [b:f7ce51626d]1[/b:f7ce51626d] (continue) te typen. Tijdens het runnen van de fix, [b:f7ce51626d]NIET[/b:f7ce51626d] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:f7ce51626d] Wanneer de fix voltooid is en na herstart, zal de log [b:f7ce51626d]combofix.txt[/b:f7ce51626d] openen. [i:f7ce51626d]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:f7ce51626d] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren. Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:f7ce51626d] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {705DC4FC-EECF-437B-887A-240DF7D0E6F3} - (no file) O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\pxcmbqlq.dll O2 - BHO: (no name) - {BDBC7B1E-C143-4F01-8DCD-8EA291BE2953} - C:\WINDOWS\system32\whtrhaul.dll O20 - Winlogon Notify: mllmn - C:\WINDOWS\system32\mllmn.dll (file missing) O20 - Winlogon Notify: ssqpomn - ssqpomn.dll (file missing) [/b:f7ce51626d] Sluit alle vensters behalve Hijackthis Klik op 'Fix checked' om de items te verwijderen. Open de verkenner ("Mijn Computer") en kies [b:f7ce51626d]Extra[/b:f7ce51626d] -> [b:f7ce51626d]Mapopties...[/b:f7ce51626d] Controleer onder [b:f7ce51626d]Weergave[/b:f7ce51626d] de volgende instellingen: Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen) Uitzetten: Extensies voor bekende bestandstypen verbergen Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP) Selecteer: Verborgen bestanden en mappen weergeven Verwijder de volgende bestanden: C:\WINDOWS\system32\[b:f7ce51626d]pxcmbqlq.dll[/b:f7ce51626d] C:\WINDOWS\system32\[b:f7ce51626d]whtrhaul.dll[/b:f7ce51626d] [b:f7ce51626d][color=blue:f7ce51626d]Je Java software is verouderd.[/color:f7ce51626d][/b:f7ce51626d] oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem. [b:f7ce51626d]Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:[/b:f7ce51626d][list:f7ce51626d] Download [url=http://java.sun.com/javase/downloads/index.jsp][b:f7ce51626d][color=blue:f7ce51626d]Java Runtime Environment (JRE) 6.1[/color:f7ce51626d][/b:f7ce51626d][/url]. [*:f7ce51626d]Scroll omlaag naar : "[i:f7ce51626d]Java Runtime Environment (JRE) 6u1[/i:f7ce51626d]". [*:f7ce51626d]Klik op de "[b:f7ce51626d]Download[/b:f7ce51626d]" knop aan de rechterkant. [*:f7ce51626d]Vink aan: "[b:f7ce51626d][i:f7ce51626d]Accept[/b:f7ce51626d] License Agreement[/i:f7ce51626d]". [*:f7ce51626d]De pagina zal herladen. [*:f7ce51626d]Klik op de link om [i:f7ce51626d]Windows [b:f7ce51626d]Offline[/b:f7ce51626d] Installation[/i:f7ce51626d] te downloaden met Meerdere-talen, en bewaar het naar je Bureaublad. [*:f7ce51626d]Sluit alle programma's die eventueel open zijn - Zeker je web browser! [*:f7ce51626d]Ga dan naar [b:f7ce51626d]Start[/b:f7ce51626d] > [b:f7ce51626d]Configuratiescherm[/b:f7ce51626d] > [b:f7ce51626d]Software[/b:f7ce51626d] en verwijder alle oudere versies van Java uit de Softwarelijst. [*:f7ce51626d]Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam. [*:f7ce51626d]Klik dan op [b:f7ce51626d]Verwijderen[/b:f7ce51626d] of op de [b:f7ce51626d]Wijzig/Verwijder[/b:f7ce51626d] knop. [*:f7ce51626d]Herhaal dit tot alle oudere versies verdwenen zijn. [*:f7ce51626d]Na het verwijderen van alle oudere versies, [b:f7ce51626d]herstart[/b:f7ce51626d] je pc. [*:f7ce51626d]Dubbelklik vervolgens op [b:f7ce51626d]jre-6u1-windows-i586-p.exe[/b:f7ce51626d] op je Bureaublad om de nieuwste versie van Java te installeren. [/list:u:f7ce51626d] start opnieuw op en plaats de uitslag van combofix en een nieuw HJT logje.
  • Geachte had eerst combofix gedaan en toen moest ik herstarten en heb hem daarna nog een keer gedraaid omdat ik het log bestand niet kon vinden hoop niet dat het veel uitmaakt. Ps in mijn ogen gaf die niks byzonders aan :D Resultaat Combofix: (geeft nu meer aan voorheen maar 2 zinnen:D) ComboFix 07-06-13.3 - J:\ComboFix.exe "Dylan AMD" - 2007-06-13 18:41:01 - Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 ))))))))))))))))))))))))))))))) 2007-06-13 18:34 <DIR> dr-h----- C:\DOCUME~1\Dylan\Onlangs geopend 2007-06-13 17:30 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-12 10:36 <DIR> d-------- C:\Program Files\CoffeeCup Software 2007-06-11 23:10 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll 2007-06-11 17:24 <DIR> d-------- C:\Program Files\uMenu 2007-06-11 16:05 <DIR> d-------- C:\Program Files\Windows Live 2007-06-07 01:48 <DIR> d-------- C:\Adobe After Effects CS3 Professional.Crack.MKDEV.TEAM 2007-06-07 01:45 <DIR> d-------- C:\Adobe_Dreamweaver_CS3 2007-06-07 01:38 <DIR> d-------- C:\Adobe_Premiere_Pro_CS3_Full_Version_with_Crack 2007-06-06 19:44 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion 2007-06-05 22:58 <DIR> d-------- C:\Program Files\Common Files\Control Panels 2007-06-05 22:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM 2007-06-05 21:17 <DIR> d-------- C:\Program Files\Bonjour 2007-06-05 19:49 14,868 --a------ C:\WINDOWS\system32\ddvgjwcn.exe 2007-06-05 14:54 <DIR> d-------- C:\1 FONTS 2007-06-05 13:25 <DIR> d-------- C:\Program Files\Duplicate Cleaner 2007-06-05 10:34 <DIR> d-------- C:\Adobe CS3 Master Collection (4 DVD) 2007-06-05 09:22 <DIR> d-------- C:\ADOBE.CS3.MASTER.COLLECTION-MAGNiTUDE 2007-06-05 08:06 2,580 --a------ C:\WINDOWS\system32\ooowmbmx.exe 2007-06-04 15:18 9,344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-06-04 15:17 8,320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-06-04 15:14 6,272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys 2007-06-04 14:49 <DIR> d-------- C:\Program Files\QuickTime 2007-06-04 14:48 <DIR> d-------- C:\Program Files\Apple Software Update 2007-06-04 14:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer 2007-06-04 13:49 2,580 --a------ C:\WINDOWS\system32\xidfpjpf.exe 2007-06-02 19:23 2,580 --a------ C:\WINDOWS\system32\usdwdjkn.exe 2007-06-02 03:09 <DIR> d-------- C:\Adobe Premiere Plug Inns 2007-06-02 03:08 <DIR> d-------- C:\Nero 7 Flac Plugin 2007-06-02 01:00 <DIR> d--hs---- C:\WINDOWS\ftpcache 2007-06-02 01:00 <DIR> d-------- C:\DOCUME~1\Dylan\APPLIC~1\Blumentals 2007-06-01 18:30 <DIR> d-------- C:\Lynda.com.Photoshop.CS3.One-on-One.The.Essentials.DVD-ViH 2007-06-01 18:25 <DIR> d-------- C:\Krezip-Plug_It_In-2007-DOH 2007-05-27 12:45 30,208 --a------ C:\Program Files\HDHacker.exe 2007-05-26 18:30 <DIR> d-------- C:\DOCUME~1\Dylan\APPLIC~1\ExecutiveSoftware 2007-05-26 17:17 <DIR> d-------- C:\Program Files\Rar Repair Tool 2007-05-26 17:10 <DIR> d-------- C:\Program Files\ElcomSoft 2007-05-26 17:04 <DIR> d-------- C:\Program Files\DataDoctorRecovery 2007-05-26 16:26 <DIR> d-------- C:\Downloads 2007-05-26 16:12 <DIR> d-------- C:\Program Files\NTFS Undelete 2007-05-26 15:17 <DIR> d--hs---- C:\RecoveryBin 2007-05-26 15:16 <DIR> d-------- C:\Program Files\Executive Software 2007-05-25 16:32 <DIR> d-------- C:\Program Files\FDRLab (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-11 14:05:14 -------- d-----w C:\Program Files\Messenger Plus! Live 2007-06-07 11:31:20 82,192 ----a-w C:\WINDOWS\system32\perfc013.dat 2007-06-07 11:31:20 468,568 ----a-w C:\WINDOWS\system32\perfh013.dat 2007-06-07 11:26:27 -------- d-----w C:\Program Files\WS_FTP Pro 2007-05-04 16:21:27 -------- d-----w C:\Program Files\Passware 2007-04-29 13:05:21 -------- d-----w C:\Program Files\MagicISO 2007-04-27 16:39:12 -------- d-----w C:\Program Files\3D Rij-simulator 2007-04-27 10:45:37 -------- d-----w C:\Program Files\Quintessential Player 2007-04-22 15:29:39 -------- d-----w C:\DOCUME~1\Dylan\APPLIC~1\Extensis 2007-04-21 20:53:03 152,833 ----a-w C:\WINDOWS\system32\drivers\dump_wmimmc.sys 2007-04-21 20:49:38 -------- d-----w C:\Program Files\Flyff 2007-04-18 16:15:26 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-17 14:42:35 -------- d-----w C:\Program Files\Fast Launcher 2007-04-17 14:42:35 -------- d-----w C:\DOCUME~1\Dylan\APPLIC~1\DvaSoft 2007-04-17 14:08:20 -------- d-----w C:\Program Files\Extensis 2007-04-17 13:43:36 -------- d-----w C:\Program Files\DC++ 2007-04-17 12:53:47 385,390 ----a-w C:\DOCUME~1\Dylan\APPLIC~1\com.markzware.FC5.FontDBWtSys 2007-04-17 12:43:46 65,536 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\noBevelButton.DLL 2007-04-17 12:43:46 33,792 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\PLUtil.DLL 2007-04-17 12:43:45 88,576 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\rbap550.dll 2007-04-17 12:43:45 7,320,576 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\Mkz1REALA.dll 2007-04-17 12:43:45 57,344 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\groundControl.DLL 2007-04-17 12:43:45 28,160 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\fcPlacard.DLL 2007-04-17 12:42:17 -------- d-----w C:\Program Files\FlightCheck Professional 5.80 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe 2007-03-27 08:49:29 298,104 ----a-w C:\WINDOWS\system32\imon.dll 2007-03-17 13:45:54 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {00C6482D-C502-44C8-8409-FCE54AD9C208}=C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-11-08 00:51] {02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-07 16:06] {31FF080D-12A3-439A-A2EF-4BA95A3148E8}=C:\Program Files\GetRight\xx2gr.dll [2006-09-11 18:37] {724d43a9-0d85-11d4-9908-00400523e39a}=C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2006-12-22 17:29] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 13:29] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Iomega ImIconXP"="C:\Program Files\Iomega\REV System Software\imiconxp.exe" [2004-05-03 11:42] "Tweak UI"="TWEAKUI.CPL" [2000-06-18 15:03 C:\WINDOWS\system32\TWEAKUI.CPL] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-01-15 19:28] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Hot Keyboard"="D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe" [2008-01-23 21:46] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 22:50] "Iomega Automatic Backup Pro"="C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" [2004-06-10 16:58] "FastLauncher"="C:\Program Files\Fast Launcher\fl.exe" [2002-11-14 10:15] "RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2006-12-22 17:29] "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2005-09-21 23:34] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2006-07-29 20:34] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background "PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "NoResolveSearch"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "MaxRecentDocs"=10 (0xa) "NoRecentDocsHistory"=1 (0x1) "NoUserNameInStartMenu"=1 (0x1) "StartMenuLogOff"=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Speed Launcher.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Speed Launcher.lnk backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Synchronizer.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Acrobat Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^DCPlusPlus.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\DCPlusPlus.lnk backup=C:\WINDOWS\pss\DCPlusPlus.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Suitcase 11.0.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Suitcase 11.0.lnk backup=C:\WINDOWS\pss\Suitcase 11.0.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Undelete 4 Professional Edition Registration.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Undelete 4 Professional Edition Registration.lnk backup=C:\WINDOWS\pss\Undelete 4 Professional Edition Registration.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApachInc] rundll32.exe "C:\WINDOWS\system32\dhoqomtd.dll",realset [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Genuine] rundll32.exe "C:\WINDOWS\system32\owdprkqt.dll",realset [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j6271431] rundll32 C:\WINDOWS\system32\j6271431.dll sook [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PVR Agent] C:\Program Files\ZOLID Multimedia\PVR Plus\TVR\Scheduled.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza] "H:\Z Program Files\Shareaza\Shareaza.exe" -tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartSync Pro] "C:\Program Files\SmartSync Pro\SmartSync.exe" /Logon [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Adobe Version Cue CS2"=2 (0x2) "Adobe LM Service"=3 (0x3) "usnsvc"=2 (0x2) "NBService"=3 (0x3) "Avg7UpdSvc"=2 (0x2) "Avg7Alrt"=2 (0x2) "aspnet_state"=3 (0x3) "AppMgmt"=3 (0x3) "ALG"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Usnsvc usnsvc bthsvcs BthServ Contents of the 'Scheduled Tasks' folder 2007-05-25 15:15:00 C:\WINDOWS\tasks\1-Click Maintenance.job 2007-06-04 13:01:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job 2007-04-20 01:00:00 C:\WINDOWS\tasks\ParetoLogic Anti-Spyware.job 2001-06-08 16:29:45 C:\WINDOWS\tasks\SmartDefrag.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-13 18:48:29 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run Iomega Automatic Backup Pro = "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s????????????????????????????????????????????????????????????????? scanning hidden files ... disk error: C:\WINDOWS\ please note that you need administrator rights to perform deep scan ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}] [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}] Completion time: 2007-06-13 18:49:43 C:\ComboFix-quarantined-files.txt ... 2007-06-13 18:49 C:\ComboFix2.txt ... 2007-06-13 17:52 --- E O F --- Logfile of HijackThis v1.99.1 Scan saved at 18:38, on 2007-06-13 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Iomega\REV System Software\imiconxp.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Fast Launcher\fl.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Iomega\REV System Software\RevUDF.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\drivers\WDelMgr20.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\NETGEAR\SC101 Manager Utility\ZeteraService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\GetRight\GETRIGHT.EXE D:\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Iomega ImIconXP] C:\Program Files\Iomega\REV System Software\imiconxp.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [Hot Keyboard] D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe -minimized O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Answers... - file://C:\Program Files\1-Click Answers\Html\atiemenu.htm O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Assign &hot key - D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\IEScript.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{45D19BBA-7502-47BC-AF36-48F114CD8F25}: NameServer = 192.168.0.1,192.168.1.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: RevUDFService - Iomega Corp - C:\Program Files\Iomega\REV System Software\RevUDF.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: WDelMgr20 - Unknown owner - C:\WINDOWS\system32\drivers\WDelMgr20.exe O23 - Service: Zetera - Zetera Corporation - C:\Program Files\NETGEAR\SC101 Manager Utility\ZeteraService.exe Hij loopt al iets sneller en helemaal met internet explorer :D alvast bedankt
  • [quote:979f28b2be]romellen ?[/quote:979f28b2be] Toch bedankt. Verwijder Hitmanpro even die kan de fix tegen houden bvd. Download [url=http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe][color=#CC0000:979f28b2be][b:979f28b2be]OTMoveIt.exe[/b:979f28b2be][/color:979f28b2be][/url] en plaats het op je bureaublad:[list:979f28b2be]Start OTMoveIt door dubbel te klikken op [b:979f28b2be]OTMoveIt.exe[/b:979f28b2be] [*:979f28b2be]Kopiëer (selecteren en druk Ctrl-C) de onderstaande, vetgedrukte tekst: [b:979f28b2be]C:\WINDOWS\system32\ddvgjwcn.exe C:\WINDOWS\system32\xidfpjpf.exe C:\WINDOWS\system32\usdwdjkn.exe C:\WINDOWS\system32\ooowmbmx.exe C:\WINDOWS\system32\dhoqomtd.dll C:\WINDOWS\system32\owdprkqt.dll C:\WINDOWS\system32\j6271431.dll [/b:979f28b2be] [*:979f28b2be]Plak de gekopiëerde tekst (druk Ctrl-V) in het "Paste List of Files/Folders to be moved" venster. [*:979f28b2be]Klik daarna op de [color=red:979f28b2be]rode[/color:979f28b2be] knop [b:979f28b2be]MoveIt[/b:979f28b2be] onderaan. [*:979f28b2be]Wanneer voltooid zal het een log aanmaken (********_******.log -- de * staat voor datum en tijd) in de volgende map: C:\_OTMoveIt\MovedFiles. [*:979f28b2be]Post de inhoud daarvan in je volgende bericht. [/list:u:979f28b2be] run nogmaals de combofix en plaats de uitslag ervan samen met de uitslag van Otmoveit en en nieuw HJT logje. Vertel gelijk hoe het nu gaat. Juisterr
  • [b:20f1338da0]Otmovid [/b:20f1338da0](kon niet de opgegeven log vinden ook niet met zoeken naar .log of naar movedfiles) Dus heb het resultaat gepakt uit de kader der naast. Ook de move it knop zit nu boven aan. Misschien een nieuwere versie. C:\WINDOWS\system32\ddvgjwcn.exe moved successfully. C:\WINDOWS\system32\xidfpjpf.exe moved successfully. C:\WINDOWS\system32\usdwdjkn.exe moved successfully. C:\WINDOWS\system32\ooowmbmx.exe moved successfully. DllUnregisterServer procedure not found in C:\WINDOWS\system32\dhoqomtd.dll C:\WINDOWS\system32\dhoqomtd.dll NOT unregistered. C:\WINDOWS\system32\dhoqomtd.dll moved successfully. File/Folder C:\WINDOWS\system32\owdprkqt.dll not found. File/Folder C:\WINDOWS\system32\j6271431.dll not found. [b:20f1338da0]Hijackthis[/b:20f1338da0] Logfile of HijackThis v1.99.1 Scan saved at 0:15:36, on 14-6-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Iomega\REV System Software\imiconxp.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Fast Launcher\fl.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Iomega\REV System Software\RevUDF.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\drivers\WDelMgr20.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\NETGEAR\SC101 Manager Utility\ZeteraService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\PC Connectivity Solution\NclBTHandler.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\GetRight\GETRIGHT.EXE C:\WINDOWS\explorer.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Eset\nod32krn.exe D:\Bureaublad\OTMoveIt.exe D:\Bureaublad\OTMoveIt.exe D:\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll O4 - HKLM\..\Run: [Iomega ImIconXP] C:\Program Files\Iomega\REV System Software\imiconxp.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [Hot Keyboard] D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe -minimized O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Iomega Automatic Backup Pro] "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Answers... - file://C:\Program Files\1-Click Answers\Html\atiemenu.htm O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Assign &hot key - D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\IEScript.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{45D19BBA-7502-47BC-AF36-48F114CD8F25}: NameServer = 192.168.0.1,192.168.1.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: RevUDFService - Iomega Corp - C:\Program Files\Iomega\REV System Software\RevUDF.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: WDelMgr20 - Unknown owner - C:\WINDOWS\system32\drivers\WDelMgr20.exe O23 - Service: Zetera - Zetera Corporation - C:\Program Files\NETGEAR\SC101 Manager Utility\ZeteraService.exe Created on 06/14/2007 00:06:41 [b:20f1338da0]Combofix[/b:20f1338da0] ComboFix 07-06-13.3 - D:\Bureaublad\ComboFix.exe "Dylan AMD" - 2007-06-14 0:19:35 - Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 ))))))))))))))))))))))))))))))) 2007-06-13 18:34 <DIR> dr-h----- C:\DOCUME~1\Dylan\Onlangs geopend 2007-06-13 17:30 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-12 10:36 <DIR> d-------- C:\Program Files\CoffeeCup Software 2007-06-11 23:10 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll 2007-06-11 17:24 <DIR> d-------- C:\Program Files\uMenu 2007-06-11 16:05 <DIR> d-------- C:\Program Files\Windows Live 2007-06-07 01:48 <DIR> d-------- C:\Adobe After Effects CS3 Professional.Crack.MKDEV.TEAM 2007-06-07 01:45 <DIR> d-------- C:\Adobe_Dreamweaver_CS3 2007-06-07 01:38 <DIR> d-------- C:\Adobe_Premiere_Pro_CS3_Full_Version_with_Crack 2007-06-05 22:58 <DIR> d-------- C:\Program Files\Common Files\Control Panels 2007-06-05 22:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM 2007-06-05 21:17 <DIR> d-------- C:\Program Files\Bonjour 2007-06-05 14:54 <DIR> d-------- C:\1 FONTS 2007-06-05 13:25 <DIR> d-------- C:\Program Files\Duplicate Cleaner 2007-06-05 10:34 <DIR> d-------- C:\Adobe CS3 Master Collection (4 DVD) 2007-06-05 09:22 <DIR> d-------- C:\ADOBE.CS3.MASTER.COLLECTION-MAGNiTUDE 2007-06-04 15:18 9,344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-06-04 15:17 8,320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-06-04 15:14 6,272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys 2007-06-04 14:49 <DIR> d-------- C:\Program Files\QuickTime 2007-06-04 14:48 <DIR> d-------- C:\Program Files\Apple Software Update 2007-06-04 14:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer 2007-06-02 03:09 <DIR> d-------- C:\Adobe Premiere Plug Inns 2007-06-02 03:08 <DIR> d-------- C:\Nero 7 Flac Plugin 2007-06-02 01:00 <DIR> d--hs---- C:\WINDOWS\ftpcache 2007-06-02 01:00 <DIR> d-------- C:\DOCUME~1\Dylan\APPLIC~1\Blumentals 2007-06-01 18:30 <DIR> d-------- C:\Lynda.com.Photoshop.CS3.One-on-One.The.Essentials.DVD-ViH 2007-06-01 18:25 <DIR> d-------- C:\Krezip-Plug_It_In-2007-DOH 2007-05-27 12:45 30,208 --a------ C:\Program Files\HDHacker.exe 2007-05-26 18:30 <DIR> d-------- C:\DOCUME~1\Dylan\APPLIC~1\ExecutiveSoftware 2007-05-26 17:17 <DIR> d-------- C:\Program Files\Rar Repair Tool 2007-05-26 17:10 <DIR> d-------- C:\Program Files\ElcomSoft 2007-05-26 17:04 <DIR> d-------- C:\Program Files\DataDoctorRecovery 2007-05-26 16:26 <DIR> d-------- C:\Downloads 2007-05-26 16:12 <DIR> d-------- C:\Program Files\NTFS Undelete 2007-05-26 15:17 <DIR> d--hs---- C:\RecoveryBin 2007-05-26 15:16 <DIR> d-------- C:\Program Files\Executive Software 2007-05-25 16:32 <DIR> d-------- C:\Program Files\FDRLab (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-13 22:00:02 -------- d-----w C:\Program Files\GetRight 2007-06-11 14:05:14 -------- d-----w C:\Program Files\Messenger Plus! Live 2007-06-07 11:31:20 82,192 ----a-w C:\WINDOWS\system32\perfc013.dat 2007-06-07 11:31:20 468,568 ----a-w C:\WINDOWS\system32\perfh013.dat 2007-06-07 11:26:27 -------- d-----w C:\Program Files\WS_FTP Pro 2007-05-04 16:21:27 -------- d-----w C:\Program Files\Passware 2007-04-29 13:05:21 -------- d-----w C:\Program Files\MagicISO 2007-04-27 16:39:12 -------- d-----w C:\Program Files\3D Rij-simulator 2007-04-27 10:45:37 -------- d-----w C:\Program Files\Quintessential Player 2007-04-22 15:29:39 -------- d-----w C:\DOCUME~1\Dylan\APPLIC~1\Extensis 2007-04-21 20:53:03 152,833 ----a-w C:\WINDOWS\system32\drivers\dump_wmimmc.sys 2007-04-21 20:49:38 -------- d-----w C:\Program Files\Flyff 2007-04-18 16:15:26 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-17 14:42:35 -------- d-----w C:\Program Files\Fast Launcher 2007-04-17 14:42:35 -------- d-----w C:\DOCUME~1\Dylan\APPLIC~1\DvaSoft 2007-04-17 14:08:20 -------- d-----w C:\Program Files\Extensis 2007-04-17 13:43:36 -------- d-----w C:\Program Files\DC++ 2007-04-17 12:53:47 385,390 ----a-w C:\DOCUME~1\Dylan\APPLIC~1\com.markzware.FC5.FontDBWtSys 2007-04-17 12:43:46 65,536 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\noBevelButton.DLL 2007-04-17 12:43:46 33,792 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\PLUtil.DLL 2007-04-17 12:43:45 88,576 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\rbap550.dll 2007-04-17 12:43:45 7,320,576 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\Mkz1REALA.dll 2007-04-17 12:43:45 57,344 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\groundControl.DLL 2007-04-17 12:43:45 28,160 ---ha-w C:\DOCUME~1\Dylan\APPLIC~1\fcPlacard.DLL 2007-04-17 12:42:17 -------- d-----w C:\Program Files\FlightCheck Professional 5.80 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe 2007-03-27 08:49:29 298,104 ----a-w C:\WINDOWS\system32\imon.dll 2007-03-17 13:45:54 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {00C6482D-C502-44C8-8409-FCE54AD9C208}=C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-11-08 00:51] {31FF080D-12A3-439A-A2EF-4BA95A3148E8}=C:\Program Files\GetRight\xx2gr.dll [2006-09-11 18:37] {724d43a9-0d85-11d4-9908-00400523e39a}=C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2006-12-22 17:29] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 13:29] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Iomega ImIconXP"="C:\Program Files\Iomega\REV System Software\imiconxp.exe" [2004-05-03 11:42] "Tweak UI"="TWEAKUI.CPL" [2000-06-18 15:03 C:\WINDOWS\system32\TWEAKUI.CPL] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-01-15 19:28] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Hot Keyboard"="D:\MIJN DOCUMENTEN\2 DYLAN WEMPE PRIVE 6 JUNI 04\Appart\2 BACK-UP BELANGRIJK\Hot Keyboard Pro D = 200GB\HotKeyb.exe" [2008-01-23 21:46] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 22:50] "Iomega Automatic Backup Pro"="C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" [2004-06-10 16:58] "FastLauncher"="C:\Program Files\Fast Launcher\fl.exe" [2002-11-14 10:15] "RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2006-12-22 17:29] "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2005-09-21 23:34] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2006-07-29 20:34] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background "PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "NoResolveSearch"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "MaxRecentDocs"=10 (0xa) "NoRecentDocsHistory"=1 (0x1) "NoUserNameInStartMenu"=1 (0x1) "StartMenuLogOff"=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Speed Launcher.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Speed Launcher.lnk backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Synchronizer.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Acrobat Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^DCPlusPlus.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\DCPlusPlus.lnk backup=C:\WINDOWS\pss\DCPlusPlus.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Suitcase 11.0.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Suitcase 11.0.lnk backup=C:\WINDOWS\pss\Suitcase 11.0.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Undelete 4 Professional Edition Registration.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Undelete 4 Professional Edition Registration.lnk backup=C:\WINDOWS\pss\Undelete 4 Professional Edition Registration.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApachInc] rundll32.exe "C:\WINDOWS\system32\dhoqomtd.dll",realset [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Genuine] rundll32.exe "C:\WINDOWS\system32\owdprkqt.dll",realset [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j6271431] rundll32 C:\WINDOWS\system32\j6271431.dll sook [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PVR Agent] C:\Program Files\ZOLID Multimedia\PVR Plus\TVR\Scheduled.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza] "H:\Z Program Files\Shareaza\Shareaza.exe" -tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartSync Pro] "C:\Program Files\SmartSync Pro\SmartSync.exe" /Logon [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Adobe Version Cue CS2"=2 (0x2) "Adobe LM Service"=3 (0x3) "usnsvc"=2 (0x2) "NBService"=3 (0x3) "Avg7UpdSvc"=2 (0x2) "Avg7Alrt"=2 (0x2) "aspnet_state"=3 (0x3) "AppMgmt"=3 (0x3) "ALG"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Usnsvc usnsvc bthsvcs BthServ Contents of the 'Scheduled Tasks' folder 2007-05-25 15:15:00 C:\WINDOWS\tasks\1-Click Maintenance.job 2007-06-04 13:01:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job 2007-04-20 01:00:00 C:\WINDOWS\tasks\ParetoLogic Anti-Spyware.job 2001-06-08 16:29:45 C:\WINDOWS\tasks\SmartDefrag.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-14 00:25:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run Iomega Automatic Backup Pro = "C:\Program Files\Iomega\Automatic Backup Pro\LiveSystem.exe" -s????????????????????????????????????????????????????????????????? scanning hidden files ... disk error: C:\WINDOWS\ please note that you need administrator rights to perform deep scan ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}] [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}] Completion time: 2007-06-14 0:27:14 C:\ComboFix-quarantined-files.txt ... 2007-06-14 00:26 C:\ComboFix2.txt ... 2007-06-13 18:49 C:\ComboFix3.txt ... 2007-06-13 17:52 --- E O F --- Groeten Dylan
  • [b:58a37a2e3c]Hoe loopt mijn computer[/b:58a37a2e3c] denk wel redelijk al doet die wel moeilijk bij het opstarten er zit zeg maar een moment tussen dat ik het gevoel heb dat die blijft hangen. Verder geratel :D weg joepie. niet echt het gevoel dat die problemen geeft. Maar jij bent de kenner :lol:
  • wil je deze tool nog even runnen aub. Download [b:2c8df170d5][url=http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe]VirtumundoBegone[/url][/b:2c8df170d5], sla dit op op je bureaublad. Dubbelklik op [b:2c8df170d5]VirtumundoBeGone.exe[/b:2c8df170d5] en volg de aanwijzingen. Schrik niet als je een blauw scherm met een foutmelding te zien krijgt - dit is normaal. Als de fix klaar is, start je de pc opnieuw op. Plaats de inhoud van het logbestand [b:2c8df170d5]VBG.TXT[/b:2c8df170d5], dat nu op je bureaublad staat, hier in je volgende bericht.
  • Computer kan nu niet meer op internet explorer? hij doet het wel op opera. Is het anders een slim advies om alles er af te pleuren en alles overnieuw te formateren? Verder doet die het prima. Dit gaf Virtumundo aan. [06/14/2001, 14:26:37] - VirtumundoBeGone v1.5 ( "J:\VirtumundoBeGone.exe" ) [06/14/2001, 14:26:39] - Detected System Information: [06/14/2001, 14:26:39] - Windows Version: 5.1.2600, Service Pack 2 [06/14/2001, 14:26:39] - Current Username: Dylan AMD (Admin) [06/14/2001, 14:26:39] - Windows is in NORMAL mode. [06/14/2001, 14:26:39] - Searching for Browser Helper Objects: [06/14/2001, 14:26:40] - BHO 1: {00C6482D-C502-44C8-8409-FCE54AD9C208} (SnagIt Toolbar Loader) [06/14/2001, 14:26:40] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper) [06/14/2001, 14:26:40] - BHO 3: {31FF080D-12A3-439A-A2EF-4BA95A3148E8} (bho2gr Class) [06/14/2001, 14:26:40] - BHO 4: {724d43a9-0d85-11d4-9908-00400523e39a} () [06/14/2001, 14:26:40] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/14/2001, 14:26:40] - Checking for HKLM\...\Winlogon\Notify\roboform [06/14/2001, 14:26:40] - Key not found: HKLM\...\Winlogon\Notify\roboform, continuing. [06/14/2001, 14:26:40] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [06/14/2001, 14:26:40] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper) [06/14/2001, 14:26:40] - BHO 7: {AE7CD045-E861-484f-8273-0445EE161910} (Adobe PDF Conversion Toolbar Helper) [06/14/2001, 14:26:40] - Finished Searching Browser Helper Objects [06/14/2001, 14:26:40] - Finishing up... [06/14/2001, 14:26:40] - Nothing found! Exiting...
  • Met formateren ben je ongetwijfeld sneller klaar, persoonlijk houd ik niet van formateren maar wie ben ik. Ik snap niet dat je niet meer op internet kan, die tool kan die instelling niet verwijderd hebben. Kan je nog een logje neerzetten of geef je het op?
  • Heb nu een groter probleem! Gister tijdens msn een keiharde vastloper zelfs me muis bewoog niet meer, tijdens gewoon normaal msn gebruik. Had daarvoor wel een snijplotter geinstalleerd en had al 1x eerder zo een rare vastloper gehad na het repareren samen wilde het gaan posten maar heb nu een groter probleem. hij start niet meer op zelfs niet mijn bios, krijg ook niks te zien op mijn monitor? kabels gecheckd, bat gereset, hd's los gekoppeld, videokaart vervangen. Meteen als ik hem aanzet gaat mijn HD schijf ledje branden en gaat na een tijdje weer uit? Wat kan ik doen? Dacht eerst misschien mijn videokaart kapot wel heel raar dacht ik.
  • Dat klinkt niet best, de problemen die je daar beschrijft wijzen wel naar hardware faillure. Helaas kan ik je daar niet mee helpen. Misschien op de hardware afdeling op computer totaal?
  • In iedergeval al bedankt voor je hulp. Heb nu een nieuw moederbord gekocht maar weet niet zeker of het daar aan ligt misschien is mijn processor wel kapot zo van het 1 op het ander? Krijg niet eens de bios te zien. Vriendelijke groeten Dylan Wempe

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.