Vraag & Antwoord

Beveiliging & privacy

rare melding

Anoniem
M@rc
36 antwoorden
  • Bert,

    Bestanden ontvangen. Dank je.
    Heb heel vlug even gekeken en deze moeten weg.
    We kunnen best eerst even kijken waar ze naar verwijzen in het register.
    Download de Registry Search Tool hier. Unzip en run het script. Krijg je een reactie van je antivirusprogramma dan moet je Script blocking uitschakelen in het anti-virusprogramma. In het Zoekveld geef je het volgende in:
    [b:712975441c]helper.exe[/b:712975441c]
    Post het resultaat.

    Doe hetzelfde voor [b:712975441c]ole32vbs.exe[/b:712975441c]

    Maak een nieuwe Hijackthislog en post deze ook.
  • REGEDIT4
    ; RegSrch.vbs © Bill James

    ; Registry search results for string "helper.exe" 29-3-2005 21:01:57

    ; NOTE: This file will be deleted when you close WordPad.
    ; You must manually save this file to a new location if you want to refer to it again later.
    ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
    "winlogon.exe"="helper.exe"

    [HKEY_USERS\S-1-5-21-3554970537-333336155-1624158702-1006\Software\Microsoft\Search Assistant\ACMru\5603]
    "001"="helper.exe"

    [HKEY_USERS\S-1-5-21-3554970537-333336155-1624158702-1006\Software\Microsoft\Windows\CurrentVersion\Run]
    "Hitman Pro SurfRight Helper"=""C:\\Program Files\\Hitman Pro\\srhelper.exe""

    [HKEY_USERS\S-1-5-21-3554970537-333336155-1624158702-1006\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\WINDOWS\\system32\\helper.exe"="helper"

    [HKEY_USERS\S-1-5-21-3554970537-333336155-1624158702-1006\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\Program Files\\Hitman Pro\\srhelper.exe"="srhelper"




    REGEDIT4
    ; RegSrch.vbs © Bill James

    ; Registry search results for string "ole32vbs.exe" 29-3-2005 21:07:57

    ; NOTE: This file will be deleted when you close WordPad.
    ; You must manually save this file to a new location if you want to refer to it again later.
    ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


    [HKEY_USERS\S-1-5-21-3554970537-333336155-1624158702-1006\Software\Microsoft\Search Assistant\ACMru\5603]
    "000"="ole32vbs.exe"



    Logfile of HijackThis v1.99.1
    Scan saved at 21:10:13, on 29-3-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\helper.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    C:\WINDOWS\system32\PRISMSTA.EXE
    C:\PROGRA~1\DAP\DAP.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
    C:\Program Files\Hitman Pro\srhelper.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\INCRED~1\bin\IncMail.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\WinZip\winzip32.exe
    C:\WINDOWS\System32\WScript.exe
    C:\Program Files\Windows NT\Bureau-accessoires\WORDPAD.EXE
    C:\Documents and Settings\Bert\Mijn documenten\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zonnet.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] c:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [PinnacleRemote] c:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] c:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
    O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110634286921
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{26674B4C-A814-43F0-B3FB-36B4BA167E94}: NameServer = 69.50.176.197 195.225.176.31
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • Bert,

    Dit zou het moeten doen volgens mij:

    Open een klablokbestand.
    Kopieer onderstaande code in dit kladblokbestand.
    Ga naar Bestand - Opslaan als.
    Bij "Opslaan in" kies je: Bureaublad
    Bij "Bestandsnaam" zet je: fix.reg
    Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    Klik op de knop Opslaan.

    [code:1:8d1707ade3]REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
    "winlogon.exe"=-
    [/code:1:8d1707ade3]

    Start de computer in veilige modus.

    Fix deze met Hijackthis:
    [b:8d1707ade3]
    O17 - HKLM\System\CCS\Services\Tcpip\..\{26674B4C-A814-43F0-B3FB-36B4BA167E94}: NameServer = 69.50.176.197 195.225.176.31[/b:8d1707ade3]

    verwijder deze bestanden:
    C:\WINDOWS\system32\helper.exe
    C:\WINDOWS\system32\ole32vbs.exe

    Dubbelklik op de fix.reg file en laat de wijzigingen aan het register toevoegen.

    Herstart de computer en maak een nieuwe hijackthislog. Post deze.
    Vertel me hoe de situatie nu is.
  • hoi marc
    in de veilige modus zijn de bestanden wat je zei niet te vinden in de hijjacklog
    zie hieronder de log

    Logfile of HijackThis v1.99.1
    Scan saved at 21:50:50, on 29-3-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Bert\Mijn documenten\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zonnet.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] c:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [PinnacleRemote] c:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] c:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
    O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110634286921
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

    groetjes bert
  • Bert,

    Kan je een log maken in gewone modus? (deze is in veilige modus)

    Als je de regfile gerbruikt hebt in veilige modus, zou je de bestanden moeten kunnen verwijderen in gewone modus.

    Hoe is de situatie nu?
  • hoi marc
    de 2 exe bestanden heb ik kunnen verwijderen
    alleen de regel 17 kan ik niet fixen
    en als ik offline ben is deze niet zichtbaar in de log wel als ik online ben
    tot nu toe heb ik nog geen meldingen meer gehad
    zal nog even afwachten en laat je dan nog wel horen hoe het is
    in iedergeval bedankt dat je zoveel tijd en moeite aan me besteed hebt
    hieronder mijn log [is wel online gemaakt dus regel 17 staat er nu wel in]

    bedankt en groetjes bert

    Logfile of HijackThis v1.99.1
    Scan saved at 22:29:28, on 29-3-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    C:\WINDOWS\system32\PRISMSTA.EXE
    C:\PROGRA~1\DAP\DAP.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Hitman Pro\srhelper.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Bert\Mijn documenten\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zonnet.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] c:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [PinnacleRemote] c:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] c:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
    O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110634286921
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{26674B4C-A814-43F0-B3FB-36B4BA167E94}: NameServer = 69.50.176.197 195.225.176.31
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • Probeer dit even:
    Ga naar Start - Configuratiescherm - Netwerkverbindingen.
    Rechtsklik op je standaard internetverbinding en kies Eigenschappen.
    Ga naar het tabblad Algemeen Selecteer "Internet-Protocol (TCP/IP)". Klik op Eigenschappen.
    Vink het volgende aan (indien dit nog niet aangevinkt is): Automatisch een DNS-serveradres laten toewijzen.
    Klik op OK.


    Herstart de computer.
    Komt dezelfde O17 sleutel nu nog terug?
  • sleutel 017 komt gewoon weer terug
    moet ik de instellingen weer terug zeten op de oude of kan ik deze staan laten
    ps heb helemaal geen rare meldingen meer gekregen dus neem aan dat dit goed is
    die sleutel 017 is dit een probleem dan

    groetjes bert
  • Die O17 moet in principe weg hoor Bert.

    Download PV.zip: http://www.downloads.subratam.org/pv.zip
    Sluit Internet Explorer.
    Sla pvzip op en unzip naar een eigen map.
    Start Internet Explorer.

    In de map PV dubbelklik je runme.bat.
    In het menu dat verschijnt kies je optie 2.
    Er wordt een logje geopend. Post de inhoud.
  • hoi marc
    als ik 2 kies geeft hij aan pv word niet herkend als interne of externe opdracht
    er opent zich wel een logbestand maar daar komt niks in te staan
  • Bert,

    Heb je de bestanden eerst unzipt?
    Je download een zipfile. Je moet deze eerst unzippen (uitpakken) in een eigen map, daarna klik je op runme.bat.
    Start je runme.bat uit de zipfile, dan kan je deze melding krijgen.
  • waren uitgepakt maar had nog verbinding met internet


    Module information for 'iexplore.exe'
    MODULE BASE SIZE PATH
    iexplore.exe 400000 102400 C:\Program Files\Internet Explorer\iexplore.exe 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Internet Explorer
    ntdll.dll 7c900000 745472 C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL-bestand voor NT-laag
    kernel32.dll 7c800000 1040384 C:\WINDOWS\system32\kernel32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL-bestand voor Windows NT BASE API-client
    msvcrt.dll 77be0000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
    USER32.dll 77d10000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL-bestand voor Windows XP USER API-client
    GDI32.dll 77e40000 286720 C:\WINDOWS\system32\GDI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDI Client DLL
    SHLWAPI.dll 77e90000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.2573 (xpsp_sp2_gdr.041130-1729) Shell lichtgewicht hulpprogrammabibliotheek
    ADVAPI32.dll 77f40000 700416 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Geavanceerde Windows 32 basis-API
    RPCRT4.dll 77da0000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Procedure Call Runtime
    SHDOCVW.dll 77720000 1490944 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.2573 (xpsp_sp2_gdr.041130-1729) Objecten- en besturingselementenbibliotheek Shell Doc
    CRYPT32.dll 77a40000 610304 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto-API32
    MSASN1.dll 77ae0000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ASN.1 Runtime APIs
    CRYPTUI.dll 76880000 540672 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft-provider voor vertrouwensgebruikersinterface
    WINTRUST.dll 76bf0000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) API's voor Microsoft-vertrouwenslijstcontrole
    IMAGEHLP.dll 76c50000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
    OLEAUT32.dll 770e0000 573440 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180
    ole32.dll 774a0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2595 (xpsp_sp2_gdr.041130-1729) Microsoft OLE voor Windows
    NETAPI32.dll 6ff20000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Win32 API DLL
    WININET.dll 77170000 684032 C:\WINDOWS\system32\WININET.dll 6.00.2900.2577 (xpsp_sp2_gdr.041130-1729) Internet-extensies voor Win32
    WLDAP32.dll 76f20000 184320 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
    VERSION.dll 77bd0000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
    comctl32.dll 77390000 1056768 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0 (xpsp_sp2_rtm.040803-2158) User Experience Controls Library
    SHELL32.dll 7c9c0000 8515584 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.2578 (xpsp_sp2_gdr.041130-1729) Gemeenschappelijk DLL-bestand van Windows Shell
    comctl32.dll 5d4e0000 618496 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp_sp2_rtm.040803-2158) Common Controls Library
    uxtheme.dll 5b190000 229376 C:\WINDOWS\system32\uxtheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) DLL-bestand Microsoft UxTheme
    MsgPlusLoader.dll 10000000 57344 C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll 3, 50, 0, 0 Messenger Plus! Process Monitor
    asOEHook.dll 3d0000 196608 C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll 2004.1.04.18 AntiSpam OE Hook
    MSVCR70.dll 7c000000 344064 C:\WINDOWS\system32\MSVCR70.dll 7.00.9466.0 Microsoft® C Runtime Library
    MSCTF.dll 746a0000 307200 C:\WINDOWS\system32\MSCTF.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL-bestand voor MSCTF-server
    BROWSEUI.dll 75f20000 1032192 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.2578 (xpsp_sp2_gdr.041130-1729) Shell Browser-bibliotheek voor gebruikersinterface
    browselc.dll 20000000 77824 C:\WINDOWS\system32\browselc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Browser-bibliotheek voor gebruikersinterface
    appHelp.dll 77b00000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
    CLBCATQ.DLL 76f90000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.258
    COMRes.dll 77010000 839680 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258
    urlmon.dll 77220000 647168 C:\WINDOWS\system32\urlmon.dll 6.00.2900.2574 (xpsp_sp2_gdr.041130-1729) OLE32-extensies voor Win32
    Secur32.dll 77f10000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Security Support Provider Interface
    cscui.dll 779e0000 352256 C:\WINDOWS\System32\cscui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Gebruikersinterface voor caching aan clientzijde
    CSCDLL.dll 765a0000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Off line netwerk-agent
    SETUPAPI.dll 778e0000 1011712 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Setup API
    shdoclc.dll 1070000 573440 C:\WINDOWS\system32\shdoclc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Objecten- en besturingselementenbibliotheek Shell Doc
    AcroIEHelper.dll 1300000 49152 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll 6.0.1.2003110300 Adobe Acrobat IE Helper Version 6.0 for ActivieX
    SDHelper.dll 1330000 765952 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 1, 3, 0, 12 Bad download blocker
    olepro32.dll 5f230000 94208 C:\WINDOWS\system32\olepro32.dll 5.1.2600.2180
    NISShExt.dll 1500000 135168 C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll 7.0.0.177 NIS Shell Extension
    NavShExt.dll 1540000 217088 C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll 11.0.2.4 Norton AntiVirusNAVShellExt Module
    ATL71.DLL 7c120000 102400 C:\WINDOWS\system32\ATL71.DLL 7.10.3077.0 ATL Module for Windows (Unicode)
    MSVCP71.dll 7c3a0000 503808 C:\WINDOWS\system32\MSVCP71.dll 7.10.3077.0 Microsoft® C++ Runtime Library
    MSVCR71.dll 7c340000 352256 C:\WINDOWS\system32\MSVCR71.dll 7.10.3052.4 Microsoft® C Runtime Library
    WSOCK32.dll 71a50000 40960 C:\WINDOWS\system32\WSOCK32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 32-bits DLL-bestand
    WS2_32.dll 71a30000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
    WS2HELP.dll 71a20000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0-helper voor Windows NT
    ccL30.dll 6af30000 249856 C:\Program Files\Common Files\Symantec Shared\ccL30.dll 103.0.3.8 Symantec Library
    SXS.DLL 75e30000 720896 C:\WINDOWS\system32\SXS.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fusion 2.5
    xpsp2res.dll 15f0000 2969600 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2-berichten
    DAPIE.DLL 60dc0000 65536 C:\PROGRA~1\DAP\DAPIE.DLL 7, 0, 0, 1 DAP MSIE Integration DLL
    MFC42.DLL 6c370000 991232 C:\PROGRA~1\DAP\MFC42.DLL 6.00.8665.0 MFCDLL Shared Library - Retail Version
    MFC42LOC.DLL 61e00000 57344 C:\WINDOWS\system32\MFC42LOC.DLL 6.00.8665.0 Taalspecifieke bronnen voor MFC
    mlang.dll 75d40000 593920 C:\WINDOWS\system32\mlang.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Multi Language Support DLL
    mswsock.dll 719d0000 262144 C:\WINDOWS\system32\mswsock.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Windows Sockets 2.0 Service-aanbieder
    hnetcfg.dll 61200000 364544 C:\WINDOWS\system32\hnetcfg.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Configuratiebeheer van thuisnetwerk
    wshtcpip.dll 71a10000 32768 C:\WINDOWS\System32\wshtcpip.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Sockets Helper DLL
    RASAPI32.DLL 76ea0000 245760 C:\WINDOWS\system32\RASAPI32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) RAS-API
    rasman.dll 76e50000 73728 C:\WINDOWS\system32\rasman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access Connection Manager
    TAPI32.dll 76e70000 192512 C:\WINDOWS\system32\TAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL-bestand voor Microsoft® Windows(TM) TAPI-client
    rtutils.dll 76e40000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
    WINMM.dll 76af0000 188416 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
    msv1_0.dll 77c40000 143360 C:\WINDOWS\system32\msv1_0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Authentication Package v1.0
    iphlpapi.dll 76d20000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) IP-helper-API
    DNSAPI.dll 76ee0000 159744 C:\WINDOWS\system32\DNSAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DNS Client API DLL
    winrnr.dll 76f70000 32768 C:\WINDOWS\System32\winrnr.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) LDAP RnR Provider DLL
    wshbth.dll 75150000 122880 C:\WINDOWS\system32\wshbth.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Sockets Helper DLL
    msi.dll 7d1f0000 2826240 C:\WINDOWS\system32\msi.dll 3.0.3790.2180 Windows Installer
    USERENV.dll 76970000 737280 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
    sensapi.dll 72240000 20480 C:\WINDOWS\system32\sensapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SENS Connectivity API DLL
    rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
  • Het kan zijn dat ik hem mis Bert, maar ik zie hier geen verdachte zaken tussen.

    Wat ik voorstel is dat je de computer scant met een geupdate Ad-Aware SE: http://users.telenet.be/marcvn/spyware/1414188.htm
    en nadien met Spybot Search & Destroy: http://users.telenet.be/marcvn/spyware/1127646.htm

    Laat de problemen verwijderen die gevonden worden (bij spybot enkel de rode items).

    Herstart de computer, open Internet Explorer en maak een nieuwe hijackthislog. Post deze.
  • heb adware en spybot laten lopen waren geen updates beschikbaar

    helemaal niks aangetroffen bij beide progr.

    hieronder de logLogfile of HijackThis v1.99.1
    Scan saved at 19:34:55, on 30-3-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    C:\WINDOWS\system32\PRISMSTA.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
    C:\Program Files\Hitman Pro\srhelper.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Bert\Mijn documenten\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zonnet.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] c:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [PinnacleRemote] c:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Shared Files\remoterm.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] c:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
    O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A481606A-E7CC-435C-8171-ABCE4D53F0E9} - (no file) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110634286921
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{26674B4C-A814-43F0-B3FB-36B4BA167E94}: NameServer = 62.58.50.5 62.58.50.6
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • Bert,

    Dit ziet er weer goed uit.
    De 017 sleutel die er nu staat, die is ok.

    Alle problemen opgelost?

    Zo ja, dan volgen hier nog wat tips:

    Maak je Temp-map leeg: Start - Uitvoeren tik in: %TEMP%.
    Selecteer alle bestanden in deze map en verwijder ze.

    Ledig de map met tijdelijke internetbestanden: Configuratiescherm - Internetopties - tabblad Algemeen - klik bij Tijdelijke internetbestanden op Bestanden Verwijderen.

    Maak je Prullenbak leeg.

    Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
    Systeemherstel uitschakelen.

    Bezoek regelmatig de Windows Update Site. Alleen zo ben je zeker dat je de nieuwste patches voor je besturingssysteem geïnstalleerd hebt. Als er nieuwe updates beschikbaar zijn, dan dowload en installeer je alle essentiële updates en service packs. Reboot je computer en controleer opnieuw. Herhaal deze procedure tot dat er geen essentiële updates meer zijn.

    Installeer ook SpywareBlaster en Spywareguard.
    Gebruik je de laatste versie van Spybot Search & Destroy, en je maakt gebruik van de realtime protectie TeaTimer, dan moet je Spywareguard niet installeren.
    Meer info over hoe je een nieuwe infectie kan voorkomen vind je hier.

    groeten,
    Marc
  • hoi marc
    wou je nog even bedanken voor je hulp
    alles werkt nu prima
    bedankt voor je tijd
    en misschien tot de volgende keer[hoop het niet]

    groetjes bert

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.