Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

MSN Gehackt, Google Linkt naar Sexsite"zoekers"

None
11 antwoorden
  • hoi ik ben laatst gehackt via mijn MSN en als ik via google zoek dan komen de resultaten wel goed tot dat ik er op eentje klik….
    dan redirect die mij naar zo'n site waarop ook zoekresultaten staan maar dan voor 18+
    en aangezien ik 13 ben is dit niet zo heel fijn…
    hierbij ook nog een HJT log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:32:41, on 2-2-2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\Program Files\DriveCrypt\DcrServ.exe
    C:\xampp\filezillaftp\filezillaserver.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\xampp\mysql\bin\mysqld-nt.exe
    C:\WINDOWS\System32
    vsvc32.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\Tablet.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Software\Panda Internet Security 2007\apvxdwin.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\WTablet\TabUserW.exe
    C:\Program Files\Stickies\stickies.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
    C:\WINDOWS\System32\cidaemon.exe
    C:\WINDOWS\System32\WISPTIS.EXE
    C:\Program Files\SpeedFan\speedfan.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi
    edir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

    O4 - HKLM\..\Run: [ThrustTSR] C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
    O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
    O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EVEREST AutoStart] C:\Documents and Settings\Rémon\Bureaublad
    ieuw\everest\everest.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: CPUFSB.lnk = C:\Program Files\CPUFSB\CPUFSB.exe
    O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe
    O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: {1A4DA620-6217-11CF-BE62-0080C72EDD2D} (MarqueeCtl Object) - file://E:\scripts\vbscript\marquee.ocx
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02
    esources/MSNPUpld.cab
    O16 - DPF: {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} (Timer Object) - file://E:\scripts\vbscript\ietimer.ocx
    O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - file://E:\scripts\vbscript\ielabel.ocx
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CA6CFD08-9158-4123-A22E-66E030F70A58}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CE502F09-9A56-4037-8365-26E1B2EB57A7}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EB59754B-6FE7-4767-91F1-191843A51328}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.101 85.255.112.68
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.101 85.255.112.68
    O17 - HKLM\System\CS3\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.101 85.255.112.68
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Program Files\DriveCrypt\DcrServ.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\xampp\filezillaftp\filezillaserver.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
    O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
    O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe
    O24 - Desktop Component 1: Computer!Totaal :: Bekijk onderwerp - Standaard systeem benodigdheden voor server(info inside) - http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=185019


    End of file - 11629 bytes










  • Ai, hier valt wat te fixen !


    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    [b:69deb5bb2b]
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CA6CFD08-9158-4123-A22E-66E030F70A58}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CE502F09-9A56-4037-8365-26E1B2EB57A7}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EB59754B-6FE7-4767-91F1-191843A51328}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.101 85.255.112.68
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.101 85.255.112.68
    O17 - HKLM\System\CS3\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 85.255.115.101,85.255.112.68
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.101 85.255.112.68 [/b:69deb5bb2b]

    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Deze IP adressen behoren tot een domain in de Ukraine ! Geen zuivere koffie !!

    Ripe info:

    % Information related to '85.255.112.0 - 85.255.127.255'

    inetnum: 85.255.112.0 - 85.255.127.255
    netname: UkrTeleGroup
    descr: UkrTeleGroup Ltd.
    admin-c: UA481-RIPE
    tech-c: UA481-RIPE
    country: UA
    org: ORG-UL25-RIPE
    status: ASSIGNED PI "status:" definitions
    mnt-by: RIPE-NCC-HM-PI-MNT
    mnt-lower: RIPE-NCC-HM-PI-MNT
    mnt-by: UKRTELE-MNT
    mnt-routes: UKRTELE-MNT
    mnt-domains: UKRTELE-MNT
    source: RIPE # Filtered

    organisation: ORG-UL25-RIPE
    org-name: UkrTeleGroup Ltd.
    org-type: LIR
    address: UkrTeleGroup Ltd.
    Mechnikova 58/5
    65029 Odessa
    Ukraine
    phone: +380487311011
    fax-no: +380487502499
    mnt-ref: UKRTELE-MNT
    mnt-ref: RIPE-NCC-HM-MNT
    mnt-by: RIPE-NCC-HM-MNT
    source: RIPE # Filtered

    person: Andrew Sotov
    address: Mechnikova 58/5 65029 Odessa
    abuse-mailbox: abuse@ukrtelegroup.com.ua
    phone: +380631508855
    nic-hdl: UA481-RIPE
    source: RIPE # Filtered

    —-
  • Tweaky dit is een klassieke wareout infectie :P
  • [b:8c72b2f7a4]animaster[/b:8c72b2f7a4]


    [i:8c72b2f7a4]Print de onderstaande instructies uit omdat je de computer tijdens het fixen moet herstarten.
    (kopieer de tekst naar bijv. Word en print dit uit)[/i:8c72b2f7a4]

    Download
  • maar wat is er nou precies gebeurt??
  • Nou je bent dus besmet met de wareout infectie en als je de fix die ik je net aanbood niet doet gaat het niet weg.

    Dus volg de stappen aub, en meld je terug met de uitslag en een nieuw HJT logje. Vraag eventueel hulp van iemand met meer verstand van een pc.


    DNS-hijackers

    DNS-servers worden gebruikt om de naam van een website te vertalen naar het IP-adres.
    Indien deze servers gewijzigd worden door malware, dan worden er foutieve DNS-servers gebruikt. Het gevolg hiervan is dat men wordt doorverwezen naar foutieve websites.

    Voorbeelden zijn o.m. WareOut en UnspyPc.
  • ok heb de HJT Fixes gedaan hiervan logje:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:37:09, on 3-2-2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
    C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
    C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Kiryssoft\KCPUCooler\KCPUCooler.exe
    C:\Program Files\Technitium\TMACv4.7\TMAC.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi
    edir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

    O4 - HKLM\..\Run: [ThrustTSR] C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
    O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EVEREST AutoStart] C:\Documents and Settings\Rémon\Bureaublad
    ieuw\everest\everest.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: CPUFSB.lnk = C:\Program Files\CPUFSB\CPUFSB.exe
    O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe
    O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {1A4DA620-6217-11CF-BE62-0080C72EDD2D} (MarqueeCtl Object) - file://E:\scripts\vbscript\marquee.ocx
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02
    esources/MSNPUpld.cab
    O16 - DPF: {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} (Timer Object) - file://E:\scripts\vbscript\ietimer.ocx
    O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - file://E:\scripts\vbscript\ielabel.ocx
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Program Files\DriveCrypt\DcrServ.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\xampp\filezillaftp\filezillaserver.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
    O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
    O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe
    O24 - Desktop Component 1: Computer!Totaal :: Bekijk onderwerp - Standaard systeem benodigdheden voor server(info inside) - http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=185019


    End of file - 9306 bytes

    nu dat wareout dingetje nog doen









  • ok zoals beloofd WareOut log dinges.
    mijn computer bleef tijdens het opnieuw opstarten hangen…

    Username "R‚mon" - 03-02-2008 23:39:31 [Fixwareout edited 9/01/2007]

    ~~~~~ Prerun check
    HKLM\SOFTWARE\~\Winlogon\ "System"="kddsx.exe"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}
    "DhcpNameServer"="85.255.115.101,85.255.112.68" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{C1380341-2B98-4374-8947-4A6933B1C863}
    "DhcpNameServer"="85.255.115.101,85.255.112.68" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CA6CFD08-9158-4123-A22E-66E030F70A58}
    "DhcpNameServer"="85.255.115.101,85.255.112.68" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CE502F09-9A56-4037-8365-26E1B2EB57A7}
    "DhcpNameServer"="85.255.115.101,85.255.112.68" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{EB59754B-6FE7-4767-91F1-191843A51328}
    "DhcpNameServer"="85.255.115.101,85.255.112.68" <Value cleared.

    De DNS-omzettingscache is leeggemaakt.


    System was rebooted successfully.

    ~~~~~ Postrun check
    HKLM\SOFTWARE\~\Winlogon\ "system"=""
    ….
    ….
    ~~~~~ Misc files.
    ….
    ~~~~~ Checking for older varients.
    ….
    ~~~~~ Other
    C:\WINDOWS\Temp\kddsx.ren 73743 07-09-2001


    C:\Program Files\Ultimate Duck Hunting Demo < Found
    Additional tools are recommended.

    ~~~~~ Current runs (hklm hkcu "run" Keys Only)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "P17Helper"="Rundll32 P17.dll,P17Helper"
    "CTSysVol"="C:\\Program Files\\Creative\\SBAudigy\\Surround Mixer\\CTSysVol.exe
    "
    "ThrustTSR"="C:\\Program Files\\Thrustmaster\\Thrustmapper\\TMTMTSR.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "SW20"="C:\\WINDOWS\\System32\\sw20.exe"
    "SW24"="C:\\WINDOWS\\System32\\sw24.exe"
    "REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
    "APVXDWIN"="\"C:\\Program Files\\Panda Software\\Panda Internet Security 2007\\APVXDWIN.EXE\" /s"
    "SCANINICIO"="\"C:\\Program Files\\Panda Software\\Panda Internet Security 2007\\Inicio.exe\""
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
    "Synchronization Manager"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,\
    73,74,65,6d,33,32,5c,6d,6f,62,73,79,6e,63,2e,65,78,65,20,2f,6c,6f,67,6f,6e,\
    00
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
    "STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "EVEREST AutoStart"="C:\\Documents and Settings\\Rémon\\Bureaublad\
    ieuw\\everest\\everest.exe"
    ….
    Hosts file was reset, If you use a custom hosts file please replace it…
    ~~~~~ End report ~~~~~
    HJT Log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:11:36, on 4-2-2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\Program Files\DriveCrypt\DcrServ.exe
    C:\xampp\filezillaftp\filezillaserver.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\xampp\mysql\bin\mysqld-nt.exe
    C:\WINDOWS\System32
    vsvc32.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\Tablet.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\apvxdwin.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
    C:\WINDOWS\system32
    otepad.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\WTablet\TabUserW.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi
    edir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

    O4 - HKLM\..\Run: [ThrustTSR] C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
    O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EVEREST AutoStart] C:\Documents and Settings\Rémon\Bureaublad
    ieuw\everest\everest.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: CPUFSB.lnk = C:\Program Files\CPUFSB\CPUFSB.exe
    O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe
    O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {1A4DA620-6217-11CF-BE62-0080C72EDD2D} (MarqueeCtl Object) - file://E:\scripts\vbscript\marquee.ocx
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02
    esources/MSNPUpld.cab
    O16 - DPF: {59CCB4A0-727D-11CF-AC36-00AA00A47DD2} (Timer Object) - file://E:\scripts\vbscript\ietimer.ocx
    O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - file://E:\scripts\vbscript\ielabel.ocx
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 192.168.1.254
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5EC61CD7-1FF7-4A9A-BE91-4AE3B8D30E6D}: NameServer = 192.168.1.254
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Program Files\DriveCrypt\DcrServ.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\xampp\filezillaftp\filezillaserver.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
    O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
    O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe
    O24 - Desktop Component 1: Computer!Totaal :: Bekijk onderwerp - Standaard systeem benodigdheden voor server(info inside) - http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=185019


    End of file - 10300 bytes













  • Zo te zien is het ergste weg, nu als de wiedeweerga je [b:46c0fefaf9]windows updaten [/b:46c0fefaf9]want je hebt niet eens SP1 en je systeem zal binnen de korste keren weer besmet worden omdat je vele security updates mist.
  • ehm… ik ben een beetje illegaal met mijn windows…
    ik heb geen geld voor XP Pro….
  • Tja , dan kan ik je niet verder helpen. Een boete is nog duurder he.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.