Vraag & Antwoord

Beveiliging & privacy

Microsoft AntSpyware.

Anoniem
None
40 antwoorden
  • @ M@rc: Nee, alleen bij Hijackthis
  • @smeenk: Ik heb met de botte bijl van alles gesloten in taakbeheer, maar ook dat maakte geen verschil.
  • Download startdreck.zip.
    Unzip het. Dubbelklik op 'StartDreck.exe'.
    Er wordt een logje gemaakt. Post de inhoud van dit logje.
  • Komt er aan:

    StartDreck (build 2.1.7 public stable) - 2005-05-06 @ 13:52:03 (GMT +02:00)
    Platform: Windows XP (Win NT 5.1.2600 Service Pack 2)
    Internet Explorer: 6.0.2900.2180
    Logged in as Dick at CHARLEVILLE

    »Registry
    »Run Keys
    »Current User
    »Run
    *Norton SystemWorks="G:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    *Google Desktop Search=G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
    *Gadwin PrintScreen 2.6=H:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    *MagnifyingGlass=G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe /autorun
    *a-squared="G:\Program Files\a2\a2guard.exe"
    *StrokeIt=H:\Program Files\StrokeIt\strokeit.exe
    *ctfmon.exe=G:\WINDOWS\system32\ctfmon.exe
    »RunOnce
    »Default User
    »Run
    *CTFMON.EXE=G:\WINDOWS\System32\CTFMON.EXE
    »RunOnce
    »Local Machine
    »Run
    *WinPatrol=H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    *HCChulp=G:\WINDOWS\HCChulp.exe
    *ATIPTA=atiptaxx.exe
    *Norton Ghost 9.0=G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
    *Symantec NetDriver Monitor=G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    *WallpaperChanger=H:\Program Files\Wallpaper Master\Wallpaper.exe
    *DownloadAccelerator=G:\PROGRA~1\DAP\DAP.EXE /STARTUP
    *ccApp="G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    *SunJavaUpdateSched=G:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    +OptionalComponents
    +MSFS
    *Installed=1
    +MAPI
    *Installed=1
    *NoChange=1
    +MAPI
    *Installed=1
    *NoChange=1
    »RunOnce
    *MRUBlaster=H:\Program Files\MRU-Blaster\indexcleaner.exe -COOKIES
    »RunServices
    »RunServicesOnce
    »RunOnceEx
    »RunServicesOnceEx
    »File Associations (CR)
    +.bat
    *batfile="%1" %*
    +.com
    *comfile="%1" %*
    +.disabled
    *SpybotSD.DisabledFile="H:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
    +.exe
    *exefile="%1" %*
    +.hta
    *htafile=G:\WINDOWS\System32\mshta.exe "%1" %*
    +.htm
    *FirefoxHTML=G:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
    +.html
    *FirefoxHTML=G:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
    +.js
    *JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
    +.jse
    *JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
    +.pif
    *piffile="%1" %*
    +.reg
    *regfile=regedit.exe "%1"
    +.scr
    *scrfile="%1" /S
    +.txt
    *txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
    +.vbe
    *VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
    +.wsh
    *WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
    +.wsf
    *WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
    +.lnk
    `lnkfile= [key or value does not exist]
    »Browser Helper Objects (LM)
    *GoogleDesktop.IeBho.1/{7c1ce531-09e9-4fc5-9803-1c2956615786}
    `InprocServer32=G:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
    *Nisbho.CNisExtBho.1/{9ECB9560-04F9-4bbc-943D-298DDF1699E1}
    `InprocServer32=G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    *Navbho.CNavExtBho.1/{BDF3E430-B101-42AD-A544-FADC6B084872}
    `InprocServer32=G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    »Files
    »Autostart Folders
    »Current User
    *G:\Documents and Settings\Dick\Menu Start\Programma's\Opstarten\desktop.ini
    *G:\Documents and Settings\Dick\Menu Start\Programma's\Opstarten\MRU-Blaster Scheduler.lnk
    *G:\Documents and Settings\Dick\Menu Start\Programma's\Opstarten\MRU-Blaster Silent Clean.lnk
    »Default User
    *G:\WINDOWS\system32\config\systemprofile\Menu Start\Programma's\Opstarten\desktop.ini
    »Local Machine
    *G:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\BOINC.lnk
    *G:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\desktop.ini
    *G:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
    *G:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
    *G:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Odometer.lnk
    *G:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\SETI Driver.exe.lnk
    »INI-Files
    »WIN.INI\[windows]
    *LOAD=
    *RUN=
    »SYSTEM.INI\[boot]
    *SHELL=Explorer.exe
    »Text Files
    *C:\boot.ini
    *C:\msdos.sys
    *C:\config.sys
    *G:\WINDOWS\system32\config.nt
    *C:\autoexec.bat
    *G:\WINDOWS\system32\autoexec.nt
    *G:\WINDOWS\system32\drivers\etc\hosts
    »System/Drivers
    »Running Processes
    +0=<idle>
    +4=<system>
    +732=\SystemRoot\System32\smss.exe
    +972=\??\G:\WINDOWS\system32\csrss.exe
    +996=\??\G:\WINDOWS\system32\winlogon.exe
    +1040=G:\WINDOWS\system32\services.exe
    +1052=G:\WINDOWS\system32\lsass.exe
    +1200=G:\WINDOWS\system32\svchost.exe
    +1260=G:\WINDOWS\system32\svchost.exe
    +1328=G:\WINDOWS\System32\svchost.exe
    +1392=G:\WINDOWS\System32\svchost.exe
    +1532=G:\WINDOWS\System32\svchost.exe
    +1668=G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    +1684=G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    +1696=G:\Program Files\Norton Internet Security\ISSVC.exe
    +1724=G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    +1816=G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    +388=G:\WINDOWS\system32\spoolsv.exe
    +700=G:\WINDOWS\Explorer.EXE
    +1056=H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    +1168=G:\WINDOWS\HCChulp.exe
    +1088=G:\WINDOWS\system32\atiptaxx.exe
    +1296=G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
    +1312=H:\Program Files\Wallpaper Master\Wallpaper.exe
    +1320=G:\PROGRA~1\DAP\DAP.EXE
    +1376=G:\Program Files\Common Files\Symantec Shared\ccApp.exe
    +1400=G:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    +1424=G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    +1480=G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe
    +1084=G:\Program Files\a2\a2guard.exe
    +1516=H:\Program Files\StrokeIt\strokeit.exe
    +1528=G:\WINDOWS\system32\ctfmon.exe
    +1608=G:\Program Files\BOINC\boinc_gui.exe
    +1652=H:\Program Files\Odometer\Odometer.exe
    +1732=H:\Program Files\Easy SETI CLI\SETI Driver.exe
    +1840=H:\Program Files\MRU-Blaster\scheduler.exe
    +1964=H:\Program Files\Easy SETI CLI\setiathome-3.08.i386-winnt-cmdline.exe
    +2080=G:\WINDOWS\System32\GEARSec.exe
    +2132=G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    +2312=G:\Program Files\Microsoft Office\Office10\msoffice.exe
    +2416=G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    +3068=G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    +3180=G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    +3224=G:\WINDOWS\System32\svchost.exe
    +3244=G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    +3280=G:\WINDOWS\system32\wdfmgr.exe
    +3416=G:\WINDOWS\system32\fxssvc.exe
    +3832=G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    +2428=G:\WINDOWS\System32\alg.exe
    +2304=H:\Program Files\Wallpaper Master\Wallpaper.exe
    +1916=G:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    +3212=G:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    +3316=G:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
    +2780=G:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    +2164=G:\Documents and Settings\Dick\Bureaublad\startdreck217\StartDreck.exe
    »NT Services
    *Alerter Alerter - disabled
    *Application Layer Gateway-service ALG running on demand
    *Application Management AppMgmt - on demand
    *ASP.NET-statusservice aspnet_state - on demand
    *Windows Audio AudioSrv running auto
    *AutoWhat Registry Service AutoWhatService - on demand
    *Intelligente achtergrondsoverdrachtservice BITS running auto
    *Computer Browser Browser running auto
    *Symantec Event Manager ccEvtMgr running auto
    *Symantec Network Proxy ccProxy running auto
    *Symantec Password Validation ccPwdSvc - on demand
    *Symantec Settings Manager ccSetMgr running auto
    *Indexing-service CiSvc - on demand
    *ClipBook ClipSrv - disabled
    *COM+-systeemtoepassing COMSysApp - on demand
    *Services voor cryptografie CryptSvc running auto
    *DCOM Server Process Launcher DcomLaunch running auto
    *DHCP Client Dhcp running auto
    *Logical Disk Manager Administrative-service dmadmin - on demand
    *Logical Disk Manager dmserver running auto
    *DNS Client Dnscache running auto
    *Service voor het rapporteren van fouten ERSvc - disabled
    *Event Log Eventlog running auto
    *COM+-gebeurtenissysteem EventSystem running on demand
    *Compatibiliteit voor Snelle gebruikerswisseling FastUserSwitchingCom running on demand
    *Fax Fax running auto
    *GEARSecurity GEARSecurity running auto
    *Help en ondersteuning helpsvc running auto
    *Apparaattoegang via menselijke interface HidServ - disabled
    *hpdj3600 hpdj3600 - auto
    *HTTP SSL HTTPFilter - on demand
    *COM-service voor IMAPI cd-branders ImapiService - on demand
    *ISSVC ISSVC running auto
    *Server lanmanserver running auto
    *Workstation lanmanworkstation running auto
    *TCP/IP NetBIOS Helper LmHosts running auto
    *Machine Debug Manager MDM running auto
    *Messenger Messenger - disabled
    *NetMeeting Remote Desktop Sharing mnmsrvc - on demand
    *Distributed Transaction Coordinator MSDTC - on demand
    *Windows Installer MSIServer - on demand
    *Norton AntiVirus Auto-Protect-service navapsvc running auto
    *Network DDE NetDDE - disabled
    *Network DDE DSDM NetDDEdsdm - disabled
    *NETI@home NETI@home - disabled
    *Net Logon Netlogon - on demand
    *Network Connections Netman running on demand
    *Network Location Awareness (NLA) Nla running on demand
    *Norton Ghost Norton Ghost running auto
    *Norton Unerase Protection NProtectService running auto
    *NT LM Security Support Provider NtLmSsp - on demand
    *Verwisselbare opslag NtmsSvc - on demand
    *Plug and Play PlugPlay running auto
    *IPSEC-services PolicyAgent running auto
    *Protected Storage ProtectedStorage running auto
    *Remote Access Auto Connection Manager RasAuto - on demand
    *Verbindingsbeheer voor RAS RasMan running on demand
    *Helpsessiebeheer voor Extern bureaublad RDSessMgr - on demand
    *Routing and Remote Access RemoteAccess - disabled
    *Remote Registry RemoteRegistry running auto
    *Remote Packet Capture Protocol v.0 (experimenta rpcapd - on demand
    `l)
    *Remote Procedure Call (RPC) Locator RpcLocator - on demand
    *Remote Procedure Call (RPC) RpcSs running auto
    *QoS RSVP RSVP - on demand
    *Security Accounts Manager SamSs running auto
    *SAVScan SAVScan - on demand
    *ScriptBlocking Service SBService - auto
    *Smart Card SCardSvr - on demand
    *Task Scheduler Schedule running auto
    *Secondary Logon seclogon running auto
    *System Event Notification SENS running auto
    *Windows Firewall (WF) / Internet-verbinding del SharedAccess running auto
    `en (ICS)
    *Shell Hardware Detection ShellHWDetection running auto
    *Symantec Network Drivers Service SNDSrvc running auto
    *Symantec SPBBCSvc SPBBCSvc - on demand
    *Speed Disk service Speed Disk service running auto
    *Print Spooler Spooler running auto
    *System Restore-service srservice running auto
    *SSDP Discovery-service SSDPSRV - on demand
    *Windows Image Acquisition (WIA) stisvc running auto
    *MS Software Shadow Copy Provider SwPrv - on demand
    *Symantec Core LC Symantec Core LC running auto
    *Performance Logs and Alerts SysmonLog - on demand
    *Telephony TapiSrv running on demand
    *Terminal Services TermService running on demand
    *Thema's Themes running auto
    *Telnet TlntSvr - disabled
    *Distributed Link Tracking Client TrkWks - on demand
    *Windows User Mode Driver Framework UMWdf running auto
    *Universele Plug en Play-apparaathost upnphost - disabled
    *Uninterruptible Power Supply UPS - on demand
    *Volume Shadow Copy VSS - on demand
    *Windows Time W32Time running auto
    *WebClient WebClient running auto
    *Windows Management Instrumentation winmgmt running auto
    *Serienummerservice voor draagbare media WmdmPmSN - auto
    *Uitbreidingen van het stuurprogramma voor Windo Wmi - on demand
    `ws Management Instrumentation
    *WMI-prestatieadapter WmiApSrv - on demand
    *Security Center wscsvc running auto
    *Automatische updates wuauserv running auto
    *Wireless Zero Configuration-service WZCSVC running auto
    *Network Provisioning Service xmlprov - on demand
    »Application specific
  • Ik zie hier niks bijzonders in, of ik moet er over kijken. Blijkbaar wordt MS Antispy niet mee opgestart.

    Je meldt in een vroegere post dat a-squared een trojandroppers heeft verwijderd. Enig idee welke?

    Download rkfiles.zip .
    Pak de bestanden uit naar de map c:\rkfiles.
    Start de computer in veilige modus.
    Ga via de verkenner naar de map c:\rkfiles en dubbelklik op rkfiles.bat.
    De computer wordt nu gescand.
    Als het dosvenster sluit, start je de computer terug in normale modus.
    Zoek het bestand C:\log.txt
    Post de inhoud van dit bestand.
  • [quote:bae3db0aa7="M@rc"]Ik zie hier niks bijzonders in, of ik moet er over kijken. [/quote:bae3db0aa7]
    Kan ik natuurlijk niet meer terugvinden :oops:

    Ik ga even verder.
  • Kostte een beetje tijd …..

    C:\rkfiles

    PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
    Files Found in system Folder…………
    ————————
    G:\WINDOWS\system32\3D Wormhole.scr: UPX!
    G:\WINDOWS\system32\saxzip.ocx: UPX!
    G:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213
    G:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213

    Files Found in all users startup Folder…………
    ————————
    G:\WINDOWS\system32\3D Wormhole.scr: UPX!
    G:\WINDOWS\system32\saxzip.ocx: UPX!
    Files Found in all users windows Folder…………
    ————————
    G:\WINDOWS\daemon.dll: UPX!
    Finished
    bye
  • Lijkt me ook weer legaal. :(
  • Mee leren leven dus.
    Er zijn ergere dingen; verder kan ik uiteindelijk alles doen met mijn spul wat ik wil.
    Zeg, ik ben je bijzonder erkentelijk. Mocht je nog iets te binnen schieten, dan graag.
  • Kijk toch eens of je die logjes van a-squared niet kan vinden. Die zaken worden meestal ergens opgeslagen. Dit kan ons misschien op weg helpen.
  • OK, ik doe mijn best
  • Nee dus. :(:(
    Er zijn "trojandroppers" verwijderd, zoald ik al zei maar een logje daarvan heb ik niet kunnen vinden. Sorry.
    Wat nu nog? Of zo maar laten?
  • Hier ben ik even in dit nachtelijk uur.
    Wonderen zijn de wereld nog niet uit: MAS draait weer, zomaar ineens, spywarescan en alles! (Of hij dat mogen nog doet, moeten we afwachten …. :):):)) Zou dit kunnen komen, omdat ik schijfopruiming heb gedaan?
    Ook HijackThis werkt nu zowaar! Hier komt de log:

    Logfile of HijackThis v1.99.1
    Scan saved at 2:17:56, on 16-5-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    G:\WINDOWS\System32\smss.exe
    G:\WINDOWS\system32\csrss.exe
    G:\WINDOWS\system32\winlogon.exe
    G:\WINDOWS\system32\services.exe
    G:\WINDOWS\system32\lsass.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    G:\Program Files\Norton Internet Security\ISSVC.exe
    G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    G:\WINDOWS\system32\spoolsv.exe
    G:\WINDOWS\Explorer.EXE
    G:\WINDOWS\System32\GEARSec.exe
    G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    G:\WINDOWS\system32\wdfmgr.exe
    G:\WINDOWS\system32\fxssvc.exe
    G:\WINDOWS\System32\alg.exe
    H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    G:\WINDOWS\HCChulp.exe
    G:\WINDOWS\system32\atiptaxx.exe
    H:\Program Files\Wallpaper Master\Wallpaper.exe
    G:\PROGRA~1\DAP\DAP.EXE
    G:\Program Files\Common Files\Symantec Shared\ccApp.exe
    G:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    H:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe
    G:\Program Files\a2\a2guard.exe
    G:\WINDOWS\system32\ctfmon.exe
    G:\Program Files\Strokeit\strokeit.exe
    H:\Program Files\Odometer\Odometer.exe
    H:\Program Files\Easy SETI CLI\SETI Driver.exe
    H:\Program Files\MRU-Blaster\scheduler.exe
    H:\Program Files\Easy SETI CLI\setiathome-3.08.i386-winnt-cmdline.exe
    G:\Program Files\Microsoft Office\Office10\msoffice.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    H:\Program Files\MailWasher Pro\MailWasher.exe
    H:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    H:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    H:\downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.zoeken.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.zoeken.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = G:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = G:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.rott.chello.nl:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - G:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar2.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-xu\msntb.dll
    O3 - Toolbar: &HCC Hulp - {0BFDDA12-9C1A-46B8-9681-AFF63C2A1EF0} - G:\PROGRA~1\hcchulp\HCCHulp.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
    O4 - HKLM\..\Run: [WinPatrol] H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    O4 - HKLM\..\Run: [HCChulp] G:\WINDOWS\HCChulp.exe
    O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [WallpaperChanger] H:\Program Files\Wallpaper Master\Wallpaper.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] G:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [RAMDef] G:\Program Files\RAM Def XT\ramdef.exe -tray
    O4 - HKLM\..\Run: [gcasServ] H:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    O4 - HKLM\..\RunOnce: [MRUBlaster] H:\Program Files\MRU-Blaster\indexcleaner.exe -COOKIES
    O4 - HKCU\..\Run: [Norton SystemWorks] "G:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [Google Desktop Search] G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
    O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] H:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [MagnifyingGlass] G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe /autorun
    O4 - HKCU\..\Run: [a-squared] "G:\Program Files\a2\a2guard.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [StrokeIt] G:\Program Files\Strokeit\strokeit.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = H:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = H:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Odometer.lnk = H:\Program Files\Odometer\Odometer.exe
    O4 - Global Startup: SETI Driver.exe.lnk = H:\Program Files\Easy SETI CLI\SETI Driver.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Download with &DAP - G:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://g:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://g:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://g:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - G:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Save Flash - res://G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
    O8 - Extra context menu item: Similar Pages - res://g:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://g:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: Get More Games - {120CC99A-8016-42d4-93AF-8C5FE64FE4E3} - http://www.dapgames.com (file missing)
    O9 - Extra 'Tools' menuitem: Get More Games - {120CC99A-8016-42d4-93AF-8C5FE64FE4E3} - http://www.dapgames.com (file missing)
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - G:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - G:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: FreeToGoSwitch - {A888F560-58E4-11d0-A68A-000000000000} - G:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O23 - Service: AutoWhat Registry Service (AutoWhatService) - Ziff Davis Media, Inc. - G:\Program Files\PC Magazine Utilities\AutoWhat\Autoserv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: GEARSecurity - GEAR Software - G:\WINDOWS\System32\GEARSec.exe
    O23 - Service: hpdj3600 - Unknown owner - G:\DOCUME~1\Dick\LOCALS~1\Temp\hpdj3600.exe (file missing)
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - G:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Ghost - Symantec Corporation - G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    Dus als je nog even zin en tijd hebt ………
    Alvast bedankt.
  • Download en installeer CCleaner.
    Gebruik het programma nog niet.

    Sluit alle open vensters, run HijackThis nog een keer en plaats een vinkje bij de volgende items:

    [b:5244c9e38c]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = G:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = G:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
    O23 - Service: hpdj3600 - Unknown owner - G:\DOCUME~1\Dick\LOCALS~1\Temp\hpdj3600.exe (file missing)[/b:5244c9e38c]

    Klik daarna op "Fix checked" en sluit HijackThis af.

    Start CCleaner en klik op de knop opschonen.
    Over DAP zijn de meningen wat verdeeld.
  • O.K., allemaal gedaan :)
  • Nog een HijackThis log zien?
  • Dat mag.
  • Sorry, ik ben een beetje bescheiden van aard :):)

    Hier komt ….

    Logfile of HijackThis v1.99.1
    Scan saved at 19:57:34, on 16-5-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    G:\WINDOWS\System32\smss.exe
    G:\WINDOWS\system32\csrss.exe
    G:\WINDOWS\system32\winlogon.exe
    G:\WINDOWS\system32\services.exe
    G:\WINDOWS\system32\lsass.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    G:\Program Files\Norton Internet Security\ISSVC.exe
    G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    G:\WINDOWS\system32\spoolsv.exe
    G:\WINDOWS\Explorer.EXE
    H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    G:\WINDOWS\HCChulp.exe
    G:\WINDOWS\system32\atiptaxx.exe
    H:\Program Files\Wallpaper Master\Wallpaper.exe
    G:\PROGRA~1\DAP\DAP.EXE
    G:\Program Files\Common Files\Symantec Shared\ccApp.exe
    G:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    G:\Program Files\RAM Def XT\ramdef.exe
    H:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    H:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe
    G:\Program Files\a2\a2guard.exe
    G:\WINDOWS\system32\ctfmon.exe
    G:\Program Files\Strokeit\strokeit.exe
    H:\Program Files\Odometer\Odometer.exe
    H:\Program Files\Easy SETI CLI\SETI Driver.exe
    H:\Program Files\MRU-Blaster\scheduler.exe
    G:\WINDOWS\System32\GEARSec.exe
    G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    H:\Program Files\Easy SETI CLI\setiathome-3.08.i386-winnt-cmdline.exe
    G:\Program Files\Microsoft Office\Office10\msoffice.exe
    G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    H:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    G:\WINDOWS\system32\wdfmgr.exe
    G:\WINDOWS\system32\fxssvc.exe
    G:\WINDOWS\System32\alg.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    G:\Program Files\MSN Messenger\msnmsgr.exe
    H:\downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.zoeken.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.zoeken.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.rott.chello.nl:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - G:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar2.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-xu\msntb.dll
    O3 - Toolbar: &HCC Hulp - {0BFDDA12-9C1A-46B8-9681-AFF63C2A1EF0} - G:\PROGRA~1\hcchulp\HCCHulp.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
    O4 - HKLM\..\Run: [WinPatrol] H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    O4 - HKLM\..\Run: [HCChulp] G:\WINDOWS\HCChulp.exe
    O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [WallpaperChanger] H:\Program Files\Wallpaper Master\Wallpaper.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] G:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [RAMDef] G:\Program Files\RAM Def XT\ramdef.exe -tray
    O4 - HKLM\..\Run: [gcasServ] H:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    O4 - HKLM\..\RunOnce: [MRUBlaster] H:\Program Files\MRU-Blaster\indexcleaner.exe -COOKIES
    O4 - HKCU\..\Run: [Norton SystemWorks] "G:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - HKCU\..\Run: [Google Desktop Search] G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
    O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] H:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [MagnifyingGlass] G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe /autorun
    O4 - HKCU\..\Run: [a-squared] "G:\Program Files\a2\a2guard.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [StrokeIt] G:\Program Files\Strokeit\strokeit.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = H:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = H:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Odometer.lnk = H:\Program Files\Odometer\Odometer.exe
    O4 - Global Startup: SETI Driver.exe.lnk = H:\Program Files\Easy SETI CLI\SETI Driver.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Download with &DAP - G:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://g:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://g:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://g:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - G:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Save Flash - res://G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
    O8 - Extra context menu item: Similar Pages - res://g:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://g:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: Get More Games - {120CC99A-8016-42d4-93AF-8C5FE64FE4E3} - http://www.dapgames.com (file missing)
    O9 - Extra 'Tools' menuitem: Get More Games - {120CC99A-8016-42d4-93AF-8C5FE64FE4E3} - http://www.dapgames.com (file missing)
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - G:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - G:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: FreeToGoSwitch - {A888F560-58E4-11d0-A68A-000000000000} - G:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O23 - Service: AutoWhat Registry Service (AutoWhatService) - Ziff Davis Media, Inc. - G:\Program Files\PC Magazine Utilities\AutoWhat\Autoserv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: GEARSecurity - GEAR Software - G:\WINDOWS\System32\GEARSec.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - G:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Ghost - Symantec Corporation - G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • Ziet er goed uit baksteen.
  • O.K., dan maar laten zo …..
    bedankt!

    lena

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.