Vraag & Antwoord

Beveiliging & privacy

Even vragen of mijn pc goed is

17 antwoorden
  • Hallo Ik wou gewoon even vragen of mijn pc goed is Hier het logje: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38:46, on 22-2-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\DSentry.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe F:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe F:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe F:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe C:\Program Files\Logitech\Video\FxSvr2.exe F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe F:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe F:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\MSN Messenger\usnsvc.exe F:\Program Files\LimeWire\LimeWire.exe C:\Documents and Settings\Maarten\Application Data\U3\00001873CB61BDAA\LaunchPad.exe C:\WINDOWS\regedit.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe F:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.msn.com/5menl_ms/156 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {02B88A4F-27BB-447E-B704-6D4BE72980CA} - C:\WINDOWS\system32\KBDHE419.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] F:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [media poll bib first] C:\Documents and Settings\All Users\Application Data\up creative first dumb\Fork settings itch.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VoipBuster] "F:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] F:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Startup: RocketDock.lnk = F:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Snelstart HP Image Zone.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Google Zoeken - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Woord vertalen in het Nederlands - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .fpx: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Maarten/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 11099 bytes En oh ja weet iemand een goeie firewall? :roll:
  • als je geen reactie krijgt zou je je hjt naar www.hijackthis.de (geen hyperlink) kunnen laten beoordelen. Ze maakten een opmerking over de regel waar R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm in staat.
  • Maar vertrouw niet al te veel op het oordeel van die site.
  • Wat vond hijackthis.de van deze regels: [b:fdecadbc80]O2 - BHO: (no name) - {02B88A4F-27BB-447E-B704-6D4BE72980CA} - C:\WINDOWS\system32\KBDHE419.DLL O4 - HKLM\..\Run: [media poll bib first] C:\Documents and Settings\All Users\Application Data\up creative first dumb\Fork settings itch.exe[/b:fdecadbc80] :P Die regels even verwijderen met Hijackthis. Herstart daarna je computer. Download dit bestand: [url=http://home.hetnet.nl/~stefsmeenk/deljob][b:fdecadbc80]Deljob.exe[/b:fdecadbc80][/url] ([url=http://members.lycos.nl/deljob/]mirror[/url]) Dubbelklik Deljob.exe. Een logje(logit.txt) zal openen. Post de inhoud van [b:fdecadbc80]logit.txt[/b:fdecadbc80] in je volgende bericht. Post ook een nieuw logje van HijackThis ;)
  • hier is de Hijack + de Deljob: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:46:57, on 25-2-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\DSentry.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe F:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe F:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe F:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe F:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Logitech\Video\FxSvr2.exe F:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe F:\Program Files\LimeWire\LimeWire.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\wuauclt.exe F:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.msn.com/5menl_ms/156 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] F:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [media poll bib first] C:\Documents and Settings\All Users\Application Data\up creative first dumb\Fork settings itch.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VoipBuster] "F:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] F:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Startup: RocketDock.lnk = F:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Snelstart HP Image Zone.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Google Zoeken - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Woord vertalen in het Nederlands - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .fpx: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Maarten/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 11341 bytes Hier de Deljob: -------------------------------------------------------- No LOP job-files found -------------------------------------------------------- Files in Windows Tasks folder Controleren op updates voor Windows Live Toolbar.job Symantec NetDetect.job -------------------------------------------------------- Export App Data folders -------------------------------------------------------- De volumenaam van station C is HD1_1 Het volumenummer is DCB9-0B09 Map van C:\Documents and Settings\Maarten\Application Data 22-02-2008 19:38 <DIR> . 22-02-2008 19:38 <DIR> .. 24-03-2005 14:28 <DIR> ACDSYS~1 ACD Systems 15-01-2008 17:48 <DIR> Adobe 05-03-2007 17:33 <DIR> Ahead 25-02-2008 12:30 <DIR> AVG7 06-11-2006 17:08 <DIR> Babylon 23-02-2008 18:57 <DIR> FROSTW~1 FrostWire 13-09-2006 15:15 <DIR> Google 14-09-2007 15:29 <DIR> HbTools 24-04-2004 08:56 <DIR> Help 07-02-2003 13:22 <DIR> IDENTI~1 Identities 20-01-2006 16:28 <DIR> MACROM~1 Macromedia 25-10-2007 14:39 <DIR> MICROS~1 Microsoft 21-01-2005 15:39 <DIR> MICROS~2 Microsoft Games 15-01-2008 17:36 <DIR> Mozilla 28-09-2006 13:24 <DIR> MSN6 28-01-2007 18:33 <DIR> Sun 07-02-2003 13:46 <DIR> Symantec 19-01-2008 15:12 <DIR> Talkback 09-06-2006 11:36 <DIR> TEAMSP~1 teamspeak2 19-08-2003 19:31 <DIR> Template 24-02-2008 20:27 <DIR> U3 26-10-2007 08:49 <DIR> VOIPBU~1 VoipBuster 13-01-2008 15:39 <DIR> Xfire 0 bestand(en) 0 bytes 25 map(pen) 822.026.240 bytes beschikbaar De volumenaam van station C is HD1_1 Het volumenummer is DCB9-0B09 Map van C:\Documents and Settings\All Users\Application Data 15-01-2008 21:19 <DIR> . 15-01-2008 21:19 <DIR> .. 13-09-2006 20:36 <DIR> ACDSYS~1 ACD Systems 15-01-2008 21:37 <DIR> avg7 07-02-2003 13:45 <DIR> Creative 15-01-2008 21:22 <DIR> DUMBPU~1 dumb pure bind support 12-09-2006 20:10 <DIR> Google 15-01-2008 21:19 <DIR> Grisoft 31-01-2007 20:54 <DIR> MICROS~1 Microsoft 21-12-2004 22:14 <DIR> MICROS~2 Microsoft Games 12-04-2003 14:39 <DIR> MSN6 16-11-2004 20:54 <DIR> POWERQ~1 PowerQuest 29-01-2006 14:50 <DIR> QUICKT~1 QuickTime 07-02-2003 13:44 <DIR> SBSI 17-11-2004 22:25 <DIR> SPYBOT~1 Spybot - Search & Destroy 11-06-2003 19:54 <DIR> Symantec 31-08-2007 14:44 <DIR> UPCREA~1 up creative first dumb 31-01-2006 21:19 <DIR> WINDOW~1 Windows Genuine Advantage 17-09-2007 15:06 <DIR> WINDOW~2 Windows Live Toolbar 0 bestand(en) 0 bytes 19 map(pen) 822.026.240 bytes beschikbaar -------------------------------------------------------- All User Accounts -------------------------------------------------------- All Users Gast ieder Maarten Marita Peter Tijmen --------------------------------------------------------
  • Start de computer in [url=http://users.pandora.be/marcvn/spyware/1378056.htm]veilige modus[/url]. Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regel: [b:4e176829a8]O4 - HKLM\..\Run: [media poll bib first] C:\Documents and Settings\All Users\Application Data\up creative first dumb\Fork settings itch.exe[/b:4e176829a8] Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af. Open een kladblokbestand. Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand. [b:4e176829a8]@ECHO OFF IF EXIST log.txt DEL log.txt ECHO Deleting folders>>log.txt FOR %%I in ( "C:\Documents and Settings\All Users\Application Data\up creative first dumb" "C:\Documents and Settings\All Users\Application Data\dumb pure bind support" "C:\Documents and Settings\Maarten\Application Data\HbTools") DO ( IF EXIST %%I ( RD /S /Q %%I IF EXIST %%I ( ECHO %%I not deleted>>log.txt ) ELSE ( ECHO %%I deleted>>log.txt) ) ELSE ( ECHO %%I not found>>log.txt)) START NOTEPAD.EXE log.txt [/b:4e176829a8] Ga naar Bestand - Opslaan als. Bij "Opslaan in" kies je: Bureaublad Bij "Bestandsnaam" zet je: del.bat Bij "Opslaan als type" selecteer je: Alle bestanden (*.*). Klik op de knop Opslaan. Dubbelklik op del.bat en bewaar de logfile die opent. Herstart in normale modus en post log.txt, post ook een nieuw logje van Hijackthis. Ik zie trouwens dat er meerdere accounts zijn, check even of er op die andere accounts ook problemen met popups zijn ;)
  • nog een klein vraagje Moet ik ook nog een deljob maken. Ahh weet je wat ik doe dat wel voor de zekerheid
  • [quote="smeenk"]Start de computer in [url=http://users.pandora.be/marcvn/spyware/1378056.htm]veilige modus[/url]. Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regel: [b]O4 - HKLM\..\Run: [media poll bib first] C:\Documents and Settings\All Users\Application Data\up creative first dumb\Fork settings itch.exe[/b] Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af. Open een kladblokbestand. Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand. [b]@ECHO OFF IF EXIST log.txt DEL log.txt ECHO Deleting folders>>log.txt FOR %%I in ( "C:\Documents and Settings\All Users\Application Data\up creative first dumb" "C:\Documents and Settings\All Users\Application Data\dumb pure bind support" "C:\Documents and Settings\Maarten\Application Data\HbTools") DO ( IF EXIST %%I ( RD /S /Q %%I IF EXIST %%I ( ECHO %%I not deleted>>log.txt ) ELSE ( ECHO %%I deleted>>log.txt) ) ELSE ( ECHO %%I not found>>log.txt)) START NOTEPAD.EXE log.txt [/b] Ga naar Bestand - Opslaan als. Bij "Opslaan in" kies je: Bureaublad Bij "Bestandsnaam" zet je: del.bat Bij "Opslaan als type" selecteer je: Alle bestanden (*.*). Klik op de knop Opslaan. Dubbelklik op del.bat en bewaar de logfile die opent. Herstart in normale modus en post log.txt, post ook een nieuw logje van Hijackthis. Ik zie trouwens dat er meerdere accounts zijn, check even of er op die andere accounts ook problemen met popups zijn ;)[/quote]ik had veilige modus zonder netwerk nog wat gedaan dus nu moet ik het overtypen van de andere pc (deze)
  • Overtypen :lol: Kan je de instructies niet opslaan in een kladblokbestand en in veilige modus dat kladblokbestand bekijken?
  • nou hier heb ik het hijackthis logje: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:46:52, on 26-2-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE F:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.msn.com/5menl_ms/156 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] F:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VoipBuster] "F:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] F:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] F:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Startup: RocketDock.lnk = F:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Snelstart HP Image Zone.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Google Zoeken - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Woord vertalen in het Nederlands - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .fpx: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Maarten/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 9515 bytes Ohh ja dat del.bat is niet gelukt ik probeerde het te openen maar het lukte niet. Hier nog een Deljob: -------------------------------------------------------- No LOP job-files found -------------------------------------------------------- Files in Windows Tasks folder Controleren op updates voor Windows Live Toolbar.job Symantec NetDetect.job -------------------------------------------------------- Export App Data folders -------------------------------------------------------- De volumenaam van station C is HD1_1 Het volumenummer is DCB9-0B09 Map van C:\Documents and Settings\Maarten\Application Data 22-02-2008 19:38 <DIR> . 22-02-2008 19:38 <DIR> .. 24-03-2005 14:28 <DIR> ACDSYS~1 ACD Systems 15-01-2008 17:48 <DIR> Adobe 05-03-2007 17:33 <DIR> Ahead 26-02-2008 12:05 <DIR> AVG7 06-11-2006 17:08 <DIR> Babylon 23-02-2008 18:57 <DIR> FROSTW~1 FrostWire 13-09-2006 15:15 <DIR> Google 14-09-2007 15:29 <DIR> HbTools 24-04-2004 08:56 <DIR> Help 07-02-2003 13:22 <DIR> IDENTI~1 Identities 20-01-2006 16:28 <DIR> MACROM~1 Macromedia 25-10-2007 14:39 <DIR> MICROS~1 Microsoft 21-01-2005 15:39 <DIR> MICROS~2 Microsoft Games 15-01-2008 17:36 <DIR> Mozilla 28-09-2006 13:24 <DIR> MSN6 28-01-2007 18:33 <DIR> Sun 07-02-2003 13:46 <DIR> Symantec 19-01-2008 15:12 <DIR> Talkback 09-06-2006 11:36 <DIR> TEAMSP~1 teamspeak2 19-08-2003 19:31 <DIR> Template 26-02-2008 15:28 <DIR> U3 26-10-2007 08:49 <DIR> VOIPBU~1 VoipBuster 13-01-2008 15:39 <DIR> Xfire 0 bestand(en) 0 bytes 25 map(pen) 523.857.920 bytes beschikbaar De volumenaam van station C is HD1_1 Het volumenummer is DCB9-0B09 Map van C:\Documents and Settings\All Users\Application Data 26-02-2008 16:18 <DIR> . 26-02-2008 16:18 <DIR> .. 13-09-2006 20:36 <DIR> ACDSYS~1 ACD Systems 15-01-2008 21:37 <DIR> avg7 07-02-2003 13:45 <DIR> Creative 15-01-2008 21:22 <DIR> DUMBPU~1 dumb pure bind support 12-09-2006 20:10 <DIR> Google 15-01-2008 21:19 <DIR> Grisoft 31-01-2007 20:54 <DIR> MICROS~1 Microsoft 21-12-2004 22:14 <DIR> MICROS~2 Microsoft Games 12-04-2003 14:39 <DIR> MSN6 16-11-2004 20:54 <DIR> POWERQ~1 PowerQuest 29-01-2006 14:50 <DIR> QUICKT~1 QuickTime 07-02-2003 13:44 <DIR> SBSI 26-02-2008 16:22 <DIR> SPYBOT~1 Spybot - Search & Destroy 26-02-2008 16:18 <DIR> SURFRI~1 SurfRight 11-06-2003 19:54 <DIR> Symantec 31-08-2007 14:44 <DIR> UPCREA~1 up creative first dumb 31-01-2006 21:19 <DIR> WINDOW~1 Windows Genuine Advantage 17-09-2007 15:06 <DIR> WINDOW~2 Windows Live Toolbar 0 bestand(en) 0 bytes 20 map(pen) 523.857.920 bytes beschikbaar -------------------------------------------------------- All User Accounts -------------------------------------------------------- All Users Gast ieder Maarten Marita Peter Tijmen --------------------------------------------------------
  • Hmmm del.bat zou toch eigenlijk moeten werken :? Probeer dit eens: Download: [url=http://home.hetnet.nl/~stefsmeenk/del.exe][color=blue:fb709dc824][b:fb709dc824]del.exe[/b:fb709dc824][/color:fb709dc824][/url] Dubbelklik del.exe en post het logje dat opent ;)
  • sorry dat ik lang weg was maar in het volgende berichtje staat nog wat
  • [quote="smeenk"]Hmmm del.bat zou toch eigenlijk moeten werken :? Probeer dit eens: Download: [url=http://home.hetnet.nl/~stefsmeenk/del.exe][color=blue][b]del.exe[/b][/color][/url] Dubbelklik del.exe en post het logje dat opent ;)[/quote]dat lukt oooook niet er staat heel vaak het woord token en dan na een tijdje zegt ie kan het bestand delete.bat niet vinden en dan nog wat
  • Als je trouwens nog steeds geen firewall hebt, kijk dan eens naar comodo.
  • [quote:0223d2e955="gerben"]Als je trouwens nog steeds geen firewall hebt, kijk dan eens naar comodo.[/quote:0223d2e955]nee ik heb er al 1 van zonealarm
  • Niet gezien dat je alsnog gereageerd had :oops: Probeer deze mappen handmatig te verwijderen: C:\Documents and Settings\All Users\Application Data\[b:5fa35a58a5]up creative first dumb[/b:5fa35a58a5] C:\Documents and Settings\All Users\Application Data\[b:5fa35a58a5]dumb pure bind support[/b:5fa35a58a5] C:\Documents and Settings\Maarten\Application Data\[b:5fa35a58a5]HbTools[/b:5fa35a58a5] Zijn er nog problemen?
  • deze kan gesloten worden hele pc was naar de haaien en dus voor iets meer als honderd euries een HD 2400 in laten bouwen een nieuwe HD en 512 MB ram geheugen Dus deze kan gesloten worden

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.