Vraag & Antwoord

Beveiliging & privacy

Advertentie-overlast

12 antwoorden
  • Sinds pak weg een week word ik geplaagd door een zondvloed aan advertenties. Ik meen te hebben gelezen dat dit een heersende ziekte is, maar daar stond niet bij hoe je ervan afkomt. Ik gebruik altijd Firefox, mar die rommel komt allemaal via Internet Explorer (7), dat ook nog op de machine staat. In het adresvak staat de url adserver.com. Geen idee hoe ik eraan kom, maar graag hulp bij een oplossing.
  • Probeer eens een spyware scanner te draaien. Je kunt de één van de onderstaande scanners (of beide) eens proberen: [url=http://www.safer-networking.org/nl/download/index.html]Spybot[/url] [url=http://www.lavasoft.com/]Ad-Aware[/url] Succes
  • Mocht Spybot en AdAware geen redding brengen (wat waarschijnlijk ook niet het geval zal zijn), moet je overstappen naar de volgende optie : het aanmaken van een log met HiJackThis en dat hier plaatsen op het forum. Dan kan de infectie dieper bekeken worden.
  • Inderdaad, Ad-Aware en Spybot gaven geen resultaat. Dus heb ik m'n hoop gevestigd op iemand die er meer verstand van heeft dan ik. Hierbij dus het logbestad van HiJack This. Tenminste, als ik zou weten hoe dat log hierin te krijgen, want dat is blijkbaar nog niet zo eenvoudig.[/quote]
  • Lukt het niet met "kopïeren" van het log en via "plakken" dit log hier in een bericht te kleven ?
  • Kennelijk ben ik daar een beetje te dom voor, maar het wil me niet lukken, want hierboven in de bovenste balk onder Efit is de optie Paste uitgegrauwd. Het zal dus waarschijnlijk op een andere manier moeten.
  • En dat Efit moet natuurlijk worden gelezen als Edit. Ik heb dus een engelstalige windows, zoals ik al sinds m'n eerste huiscomputer in 1975 engelstalige software gebruik.
  • http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=115358 Lees dit eventjes door, over hoe je een Hijackthis log maakt. Vervolgens kun je deze op het forum plakken door het volgende te doen: Ga naar je Hijackthislog die in een kladblok venster is geopent. Klik er éénmalig op, nu is hij actief. Selecteer de hele tekst, door de sneltoetsen ctrl-A te gebruiken. Kopieer deze tekst vervolgens, door ctrl-C te gebruiken. Nu kun je hem op het forum plakken met ctrl-V. Succes!
  • Kijk, dat was een goeie hint! Hier is dus het HiJack-log: Logfile of HijackThis v1.99.1 Scan saved at 12:59:21, on 24-8-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\Program Files\SPAMfighter\SFAgent.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe D:\Program Files\Winamp\winampa.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\Atomic Clock Sync\Atomic.exe C:\WINDOWS\system32\tcpsvcs.exe D:\PROGRA~1\3BSOFT~1\WINDOW~2\Windows Clean-Up Pro.uzy C:\Program Files\SiteAdvisor\6066\SAService.exe D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.uzy C:\Program Files\AIM6\aim6.exe D:\Program Files\BitTorrent\bittorrent.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe D:\Program Files\OpenOffice.org 2.2\program\soffice.exe D:\Program Files\OpenOffice.org 2.2\program\soffice.BIN C:\Program Files\Outlook Express\msimn.exe C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe D:\Program Files\RealPlay.exe C:\Program Files\AIM6\aolsoftware.exe C:\WINDOWS\explorer.exe D:\Program Files\RealPlay.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE D:\Documenten en settings\Pieter.SP2PC1\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pczapper.tv/intro/xnl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54545 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE" /APPLY O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [DefragTaskBar] "D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Support audio cool poll] D:\Documenten en settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO\Beep math.exe O4 - HKLM\..\Run: [Windows Clean-Up Pro] D:\PROGRA~1\3BSOFT~1\WINDOW~2\WINDOWS CLEAN-UP PRO.Exe O4 - HKLM\..\Run: [Ad Blocker Pro] "D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.exe" -minimized O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Atomic.exe] D:\Program Files\Atomic Clock Sync\Atomic.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200 O4 - HKCU\..\Run: [soap way] D:\DOCUME~1\PIETER~1.SP2\APPLIC~1\INSIDE~1\Defaultexitplan.exe O4 - Startup: OpenOffice.org 2.2 .lnk = D:\Program Files\OpenOffice.org 2.2\program\quickstart.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: SpeedTouch 121g Wireless USB Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: MyCom - {4610E429-A609-46E2-A228-06F7A79D7CB2} - http://www.mycom.nl (file missing) (HKCU) O11 - Options group: [INTERNATIONAL] International* O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AshampooDefragService - - D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  • Hoi OAP, Je hebt last van een lop infectie, dit komt doordat je MSN Plus [b:f8c8728197]met[/b:f8c8728197] sponsers hebt geinstalleerd. Start Hijackthis, kies voor [i:f8c8728197]'Do a system scan only'[/i:f8c8728197] en vink onderstaande regels aan: [b:f8c8728197] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O4 - HKLM\..\Run: [Support audio cool poll] D:\Documenten en settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO\Beep math.exe O4 - HKCU\..\Run: [soap way] D:\DOCUME~1\PIETER~1.SP2\APPLIC~1\INSIDE~1\Defaultexitplan.exe [/b:f8c8728197] Sluit nu [u:f8c8728197]alle[/u:f8c8728197] openstaande vensters, behalve Hijackthis en klik op [b:f8c8728197]Fix Checked[/b:f8c8728197]. Download [url=http://home.hetnet.nl/~stefsmeenk/deljob]Deljob.exe[/url] ([url=http://members.lycos.nl/deljob/]mirror[/url]) naar je [b:f8c8728197]Bureaublad[/b:f8c8728197]. Indien je virusscanner de download van deljob.exe blokkeert, schakel dan tijdelijk je virusscanner uit of download de zip-versie [url=http://members.lycos.nl/deljob/deljob.zip]deljob.zip[/url] en pak deze uit naar je Bureaublad. Dubbelklik op [b:f8c8728197]Deljob.exe[/b:f8c8728197]. Een logje([u:f8c8728197]logit.txt[/u:f8c8728197]) zal openen, het bestandje kan je ook terugvinden op je Bureaublad. Post de inhoud van [b:f8c8728197]logit.txt[/b:f8c8728197] in je volgende bericht tesamen met een nieuw gemaakt Hijackthis logje. Succes! Pim
  • eerst de nieuwe hijacklog: Logfile of HijackThis v1.99.1 Scan saved at 17:38:24, on 26-8-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\SPAMfighter\SFAgent.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe D:\Program Files\Winamp\winampa.exe D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\tcpsvcs.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe D:\PROGRA~1\3BSOFT~1\WINDOW~2\Windows Clean-Up Pro.uzy D:\Program Files\Atomic Clock Sync\Atomic.exe D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.uzy C:\Program Files\AIM6\aim6.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\mcafee.com\agent\mcagent.exe D:\Program Files\BitTorrent\bittorrent.exe C:\Program Files\AIM6\aolsoftware.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe D:\Program Files\OpenOffice.org 2.2\program\soffice.exe D:\Program Files\OpenOffice.org 2.2\program\soffice.BIN D:\Program Files\RealPlay.exe C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wuauclt.exe D:\Documenten en settings\Pieter.SP2PC1\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pczapper.tv/intro/xnl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54545 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE" /APPLY O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [DefragTaskBar] "D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Windows Clean-Up Pro] D:\PROGRA~1\3BSOFT~1\WINDOW~2\WINDOWS CLEAN-UP PRO.Exe O4 - HKLM\..\Run: [Ad Blocker Pro] "D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.exe" -minimized O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Atomic.exe] D:\Program Files\Atomic Clock Sync\Atomic.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200 O4 - Startup: OpenOffice.org 2.2 .lnk = D:\Program Files\OpenOffice.org 2.2\program\quickstart.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: SpeedTouch 121g Wireless USB Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: MyCom - {4610E429-A609-46E2-A228-06F7A79D7CB2} - http://www.mycom.nl (file missing) (HKCU) O11 - Options group: [INTERNATIONAL] International* O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AshampooDefragService - - D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe en vervolgens het deljoblog: -------------------------------------------------------- File(s) moved to C:\deljob AA0F2A0090DCA694.job -------------------------------------------------------- Files remaining after cleaning McDefragTask.job McQcTask.job -------------------------------------------------------- App data folders Volume in drive D is Data Volume Serial Number is 3CE6-702B Directory of D:\Documenten en settings\Pieter.SP2PC1\Application Data 23-08-2007 16:56 <DIR> . 23-08-2007 16:56 <DIR> .. 01-07-2007 17:40 <DIR> acccore 18-07-2007 13:59 <DIR> Adobe 16-08-2007 19:38 <DIR> Ashampoo 26-08-2007 01:08 <DIR> BITTOR~1 BitTorrent 01-07-2007 16:50 <DIR> Creative 06-08-2007 23:47 <DIR> Google 02-07-2007 15:56 <DIR> Help 01-07-2007 18:35 <DIR> HP 01-07-2007 16:49 <DIR> IDENTI~1 Identities 06-08-2007 16:51 <DIR> INSIDE~1 Insidelist 07-07-2007 19:39 <DIR> Lavasoft 02-07-2007 02:00 <DIR> LEADER~1 Leadertech 25-08-2007 13:29 <DIR> LimeWire 01-07-2007 17:40 <DIR> MACROM~1 Macromedia 05-07-2007 19:20 <DIR> MICROS~1 Microsoft 14-08-2007 20:33 <DIR> Mozilla 26-08-2007 10:48 <DIR> OPENOF~1.ORG OpenOffice.org2 16-08-2007 21:23 <DIR> Real 07-07-2007 22:50 <DIR> Sammsoft 23-08-2007 16:56 <DIR> SecuROM 21-08-2007 09:20 <DIR> SITEAD~1 SiteAdvisor 01-07-2007 19:39 <DIR> SPAMFI~1 SPAMfighter 05-07-2007 18:02 <DIR> Sun 14-08-2007 19:38 <DIR> THUNDE~1 Thunderbird 18-08-2007 02:14 <DIR> uTorrent 01-07-2007 17:33 <DIR> VanDale 09-08-2007 16:50 <DIR> vlc 0 File(s) 0 bytes 29 Dir(s) 31.812.923.392 bytes free Volume in drive D is Data Volume Serial Number is 3CE6-702B Directory of D:\Documenten en settings\All Users\Application Data 06-08-2007 16:51 <DIR> . 06-08-2007 16:51 <DIR> .. 06-08-2007 23:49 <DIR> Adobe 01-07-2007 16:38 <DIR> AOL 01-07-2007 16:38 <DIR> AOLDOW~1 AOL Downloads 01-07-2007 16:38 <DIR> AOLOCP~1 AOL OCP 01-07-2007 16:38 <DIR> APPLEC~1 Apple Computer 01-07-2007 16:38 <DIR> ashampoo 01-07-2007 16:38 <DIR> CYBERL~1 CyberLink 21-08-2007 16:53 <DIR> FREEDE~1 Free dent poll internet 01-07-2007 16:38 <DIR> Google 01-07-2007 16:39 <DIR> HP 06-08-2007 16:51 <DIR> INTERN~1 INTERNET SPAM SUPPORT AUDIO 08-06-2007 18:39 <DIR> Lavasoft 01-07-2007 16:38 <DIR> McAfee 01-07-2007 16:38 <DIR> McAfee.com 07-07-2007 19:39 <DIR> MICROS~1 Microsoft 01-07-2007 16:38 <DIR> MICROS~2 Microsoft Corporation 30-08-2006 17:47 <DIR> Prism 01-07-2007 16:38 <DIR> QUESTS~1 Quest Software 01-07-2007 16:38 <DIR> SBSI 01-07-2007 16:38 <DIR> SITEAD~1 SiteAdvisor 15-08-2007 01:12 <DIR> SPYBOT~1 Spybot - Search & Destroy 01-07-2007 16:38 <DIR> TEMP 01-07-2007 16:38 <DIR> VIEWPO~1 Viewpoint 01-07-2007 16:38 <DIR> WINDOW~1 Windows Genuine Advantage 0 File(s) 0 bytes 26 Dir(s) 31.812.923.392 bytes free --------------------------------------------------------
  • Kennelijk had ik alle ruimte voor een posting gebruikt. Bedankt en ik hoop er het beste van!

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.