Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

hijackthis logje omdat......

None
16 antwoorden
  • Hallo allemaal,
    Sommige pagina's op internet laden heel langzaam o.a. dit form, het form van tiscali en zo zijn er nog een paar. Alle scans op virus, maleware, enz.heb ik al gedaan. Zit te twijfelen om win.xp er opnieuw op te zetten, maar dacht misschien wil iemand mijn logje even bekijken. Als daar niets uit komt ga ik win. xp er eens fris opzetten en kijken of dit helpt. temp enz is ook al leeg flush dns ook. dus ben benieuwd. Al vast heel veel dank. groetjes Hans.

    Logfile of HijackThis v1.99.1
    Scan saved at 13:35, on 06-09-16
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0006)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTSvcCDA.EXE
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\IE New Window Maximizer\iemaximizer.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\NetMeter\NetMeter.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Webshots\WebshotsTray.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download"
    O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe"
    O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll"
    O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide
    O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: E-mail.lnk = ?
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe
    O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe





  • Download [b:62a4c3bf09]Combofix[/b:62a4c3bf09] naar je Bureaublad.[list:62a4c3bf09]
    Dubbelklik [b:62a4c3bf09]Combofix.exe[/b:62a4c3bf09]
    Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
    Tijdens het runnen van de fix, [b:62a4c3bf09]NIET[/b:62a4c3bf09] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:62a4c3bf09]
    Wanneer de fix voltooid is en na herstart, zal de log [b:62a4c3bf09]combofix.txt[/b:62a4c3bf09] openen.
    [i:62a4c3bf09]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:62a4c3bf09]

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • Hallo,
    Bedankt voor je reactie, heb combofix gedownload, maar als ik klik op instaleren krijg ik net een blauw scherm te zien en op het moment dat daar letters in komen floept het hele scherm weg. dus kan hem niet draaien. Heb virusscanner en alle andere progjes wat op de achtergrond draaid al uit gezet, maar helaas. Heeft het nu op dit ook te draien in de veilige modus? of heeft dit geen zin of kan het helemaal niet.
  • HR - 06-09-16 23:05:59.60 Service Pack 2
    ComboFix 06.09.14 - Running from: C:\Documents and Settings\HR\Bureaublad

    ((((((((((((((((((((((((((((((( Files Created from 2006-08-16 to 2006-09-16 ))))))))))))))))))))))))))))))))))


    2006-09-16 17:57 94,208 –a—— C:\WINDOWS\DEVREG.DLL
    2006-09-16 17:57 24,576 –a—— C:\WINDOWS\system32\CTHELPER.EXE
    2006-09-16 17:57 20,480 –a—— C:\WINDOWS\system32\ENSDEF.EXE
    2006-09-16 17:57 155,648 –a—— C:\WINDOWS\system32\OPENAL32.DLL
    2006-09-16 14:16 181,760 –a—— C:\WINDOWS\system32\AM-Install.exe
    2006-09-09 16:22 121,856 ——— C:\WINDOWS\system32\xmllite.dll
    2006-08-24 22:20 520,192 ——— C:\WINDOWS\system32\ati2sgag.exe
    2006-08-23 00:31 50,688 ——— C:\WINDOWS\system32\msfeedsbs.dll
    2006-08-23 00:31 5,906,432 ——— C:\WINDOWS\system32\ieframe.dll
    2006-08-23 00:31 457,728 ——— C:\WINDOWS\system32\msfeeds.dll
    2006-08-23 00:31 175,616 ——— C:\WINDOWS\system32\ieui.dll
    2006-08-23 00:18 206,336 ——— C:\WINDOWS\system32\WinFXDocObj.exe
    2006-08-23 00:13 11,776 –a—— C:\WINDOWS\system32\ieudinit.exe
    2006-08-23 00:11 12,288 ——— C:\WINDOWS\system32\msfeedssync.exe
    2006-08-23 00:10 61,440 ——— C:\WINDOWS\system32\icardie.dll
    2006-08-23 00:09 262,656 ——— C:\WINDOWS\system32\iertutil.dll
    2006-08-22 23:36 380,928 ——— C:\WINDOWS\system32\ieapfltr.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-09-16 14:52 ——– d——– C:\Program Files\Ad Muncher
    2006-09-15 10:02 ——– d——– C:\Program Files\TomTom HOME
    2006-09-14 23:32 ——– d——– C:\Program Files\Foxit Software
    2006-09-12 21:59 ——– d——– C:\Program Files\Google
    2006-09-12 20:43 ——– d——– C:\Program Files\OfficeUpdate11
    2006-09-11 22:47 ——– d——– C:\Program Files\MSN Messenger
    2006-09-11 22:40 ——– d—s—- C:\Documents and Settings\HR\Application Data\Microsoft
    2006-09-11 22:25 ——– d——– C:\Program Files\Windows Live Safety Center
    2006-09-10 22:48 ——– d——– C:\Program Files\SpywareBlaster
    2006-09-10 22:47 ——– d——– C:\Program Files\SpywareGuard
    2006-09-10 22:03 ——– d–h—– C:\Program Files\InstallShield Installation Information
    2006-09-09 16:48 ——– d–h—– C:\Program Files\Uninstall Information
    2006-09-09 16:25 ——– d——– C:\Program Files\Internet Explorer
    2006-09-08 21:01 ——– d——– C:\Program Files\IncrediMail
    2006-09-05 22:40 ——– d——– C:\Program Files\Avant Browser
    2006-09-05 22:40 ——– d——– C:\Program Files\ASUS
    2006-09-05 22:39 ——– d——– C:\Documents and Settings\HR\Application Data\Avant Browser
    2006-08-27 16:33 ——– d——– C:\Program Files\Simpli Software
    2006-08-26 23:13 ——– d——– C:\Program Files\Webshots
    2006-08-25 00:07 ——– d——– C:\Program Files\Gabest
    2006-08-24 22:19 ——– d——– C:\Program Files\ATI Technologies
    2006-08-24 19:34 ——– d——– C:\Program Files\Winamp
    2006-08-23 00:31 413696 –a—— C:\WINDOWS\system32\vbscript.dll
    2006-08-23 00:31 225792 –a—— C:\WINDOWS\system32\webcheck.dll
    2006-08-23 00:31 152064 –a—— C:\WINDOWS\system32\msls31.dll
    2006-08-23 00:18 78336 –a—— C:\WINDOWS\system32\ieencode.dll
    2006-08-23 00:17 40448 –a—— C:\WINDOWS\system32\licmgr10.dll
    2006-08-23 00:17 105472 –a—— C:\WINDOWS\system32\url.dll
    2006-08-23 00:17 100352 –a—— C:\WINDOWS\system32\occache.dll
    2006-08-23 00:16 16896 –a—— C:\WINDOWS\system32\corpol.dll
    2006-08-23 00:14 378368 –a—— C:\WINDOWS\system32\iedkcs32.dll
    2006-08-23 00:14 229376 –a—— C:\WINDOWS\system32\ieaksie.dll
    2006-08-23 00:13 71680 –a—— C:\WINDOWS\system32\admparse.dll
    2006-08-23 00:13 55296 –a—— C:\WINDOWS\system32\iesetup.dll
    2006-08-23 00:13 54784 –a—— C:\WINDOWS\system32\ie4uinit.exe
    2006-08-23 00:13 43008 –a—— C:\WINDOWS\system32\iernonce.dll
    2006-08-23 00:13 152064 –a—— C:\WINDOWS\system32\ieakeng.dll
    2006-08-23 00:13 122880 –a—— C:\WINDOWS\system32\advpack.dll
    2006-08-23 00:10 35328 –a—— C:\WINDOWS\system32\imgutil.dll
    2006-08-23 00:07 45568 –a—— C:\WINDOWS\system32\mshta.exe
    2006-08-22 23:37 48128 –a—— C:\WINDOWS\system32\mshtmler.dll
    2006-08-22 23:30 161792 –a—— C:\WINDOWS\system32\ieakui.dll
    2006-08-21 14:28 16896 –a—— C:\WINDOWS\system32\fltlib.dll
    2006-08-21 11:14 23040 –a—— C:\WINDOWS\system32\fltmc.exe
    2006-08-21 11:14 128896 ——— C:\WINDOWS\system32\drivers\fltmgr.sys
    2006-08-15 18:03 ——– d——– C:\Documents and Settings\HR\Application Data\InstallShield
    2006-08-13 22:19 ——– d——– C:\Program Files\Shareaza
    2006-08-13 19:16 ——– d——– C:\Program Files\Kruidvat Fotoservice
    2006-08-10 19:46 22752 –a—— C:\WINDOWS\system32\spupdsvc.exe
    2006-08-06 14:00 ——– d——– C:\Documents and Settings\HR\Application Data\ATI
    2006-08-05 11:58 ——– d——– C:\Program Files\OpinionBar
    2006-08-03 19:33 15360 –a—— C:\WINDOWS\system32\drivers\sshrmd.sys
    2006-08-03 19:33 14848 –a—— C:\WINDOWS\system32\drivers\sskbfd.sys
    2006-08-03 19:33 13824 –a—— C:\WINDOWS\system32\drivers\SSFS0509.sys
    2006-08-03 19:33 117248 –a—— C:\WINDOWS\system32\drivers\ssidrv.sys
    2006-08-03 00:12 307200 –a—— C:\WINDOWS\system32\atiiiexx.dll
    2006-08-03 00:08 258048 –a—— C:\WINDOWS\system32\ati2dvag.dll
    2006-08-03 00:07 1681920 –a—— C:\WINDOWS\system32\drivers\ati2mtag.sys
    2006-08-03 00:02 86016 –a—— C:\WINDOWS\system32\ati2evxx.dll
    2006-08-03 00:02 77824 –a—— C:\WINDOWS\system32\Oemdspif.dll
    2006-08-03 00:02 41984 –a—— C:\WINDOWS\system32\ati2edxx.dll
    2006-08-03 00:02 26112 –a—— C:\WINDOWS\system32\Ati2mdxx.exe
    2006-08-03 00:02 114688 –a—— C:\WINDOWS\system32\atipdlxx.dll
    2006-08-03 00:01 401408 –a—— C:\WINDOWS\system32\ati2evxx.exe
    2006-08-03 00:00 53248 –a—— C:\WINDOWS\system32\ATIDDC.DLL
    2006-08-02 23:55 2373088 –a—— C:\WINDOWS\system32\ati3duag.dll
    2006-08-02 23:51 2354720 –a—— C:\WINDOWS\system32\ativvaxx.dll
    2006-08-02 23:49 6684672 –a—— C:\WINDOWS\system32\atioglx1.dll
    2006-08-02 23:45 5136384 –a—— C:\WINDOWS\system32\atioglxx.dll
    2006-08-02 23:41 208896 –a—— C:\WINDOWS\system32\atikvmag.dll
    2006-08-02 23:40 303104 –a—— C:\WINDOWS\system32\ATIDEMGR.dll
    2006-08-02 23:40 17408 –a—— C:\WINDOWS\system32\atitvo32.dll
    2006-08-02 23:35 286720 –a—— C:\WINDOWS\system32\ati2cqag.dll
    2006-07-29 19:32 48936 –a—— C:\WINDOWS\system32\sirenacm.dll
    2006-07-27 15:26 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-07-24 20:04 ——– d——– C:\Program Files\World of Warcraft
    2006-07-24 19:56 125264 –a—— C:\Documents and Settings\HR\Application Data\Cosmos Prefs
    2006-07-21 10:29 72704 –a—— C:\WINDOWS\system32\hlink.dll
    2006-07-17 21:25 ——– d——– C:\Program Files\Microsoft Games
    2006-06-30 00:13 53248 –a—— C:\WINDOWS\system32\KemXML.dll
    2006-06-30 00:13 155648 –a—— C:\WINDOWS\system32\kemutb.dll
    2006-06-30 00:13 110592 –a—— C:\WINDOWS\system32\KemWnd.dll
    2006-06-30 00:12 126976 –a—— C:\WINDOWS\system32\KemUtil.dll
    2006-06-29 08:05 26112 ——— C:\WINDOWS\system32\idndl.dll
    2006-06-29 08:05 23552 ——— C:\WINDOWS\system32
    ormaliz.dll
    2006-06-28 17:59 24576 ——— C:\WINDOWS\system32
    lsdl.dll
    2006-06-22 07:17 69120 –a—— C:\WINDOWS\system32\ciodm.dll
    2006-06-22 07:17 1440768 –a—— C:\WINDOWS\system32\query.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "STYLEXP"="\"C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe\" -Hide"
    "IE New Window Maximizer"="\"C:\\Program Files\\IE New Window Maximizer\\iemaximizer.exe\""
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    "IncrediMail"="\"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe\" /c"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
    "TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s"
    "SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe\" /startintray"
    "Ptipbmf"="\"rundll32.exe\" ptipbmf.dll,SetWriteCacheMode"
    "nod32kui"="\"C:\\Program Files\\Eset\
    od32kui.exe\" /WAITSERVICE"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb08.exe"
    "CTSysVol"="\"C:\\Program Files\\Creative\\SBAudigy2\\Surround Mixer\\CTSysVol.exe\""
    "CTHelper"="CTHELPER.EXE"
    "BluetoothAuthenticationAgent"="\"rundll32.exe\" bthprops.cpl,,BluetoothAuthenticationAgent"
    "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "Ad Muncher"="\"C:\\Program Files\\Ad Muncher\\AdMunch.exe\" /bt"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
    "HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]
    "c_usdir"="cmd /C \"rmdir /Q C:\\WINDOWS\\system32\\Macromed\\Download\""
    "b_usexe"="cmd /C \"del C:\\WINDOWS\\system32\\Macromed\\Download\\Download.exe\""
    "a_usdll"="cmd /C \"del C:\\WINDOWS\\system32\\Macromed\\Download\\Download.dll\""

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000000

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=dword:40000004
    "OriginalStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,\
    00,00,04,00,00,40
    "RestoredStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,\
    00,00,01,00,00,00

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    "{81559C35-8464-49F7-BB0E-07A383BEF910}"="SpywareGuard"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoLogoff"=dword:00000000
    "ClearRecentDocsOnExit"=hex:01,00,00,00
    "NoUserNameInStartMenu"=hex:01,00,00,00
    "NoBandCustomize"=dword:00000000
    "NoMovingBands"=dword:00000000
    "NoCloseDragDropBands"=dword:00000000
    "NoSetTaskbar"=dword:00000000
    "NoToolbarsOnTaskbar"=dword:00000000
    "NoSaveSettings"=dword:00000000
    "NoActiveDesktop"=dword:00000000
    "ClassicShell"=dword:00000000
    "NoTrayItemsDisplay"=dword:00000000

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoFileAssociate"=dword:00000000
    "LinkResolveIgnoreLinkInfo"=dword:00000000
    "NoResolveSearch"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-]
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "TuneUp MemOptimizer"="\"C:\\Program Files\\TuneUp Utilities 2006\\MemOptimizer.exe\" autostart"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-]
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
    "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""
    "inimapping"="0"


    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
    securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService

    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\1-Click Maintenance.job

    Completion time: 06-09-16 23:07:20.56
    ComboFix.txt


    Hijackthis 2E

    Logfile of HijackThis v1.99.1
    Scan saved at 23:08, on 06-09-16
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0006)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Ad Muncher\AdMunch.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\IE New Window Maximizer\iemaximizer.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\CTSvcCDA.EXE
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\Program Files\NetMeter\NetMeter.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\Program Files\Webshots\WebshotsTray.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
    O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download"
    O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe"
    O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll"
    O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide
    O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: E-mail.lnk = ?
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe
    O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

    dan toch een log, hoop dat je hier iets mee kunt








  • Probeer deze eens aub.

    Download [b:5759f0a9e8] naar je bureaublad.[list:5759f0a9e8]
    [*:5759f0a9e8]Dubbelklik [b:5759f0a9e8]VundoFix.exe[/b:5759f0a9e8] om het te starten.
    [*:5759f0a9e8]Zet een vinkje naast: [b:5759f0a9e8]Run VundoFix as a task.[/b:5759f0a9e8]
    [*:5759f0a9e8]Je zal een melding krijgen dat Vundofix zal sluiten en daarna terug openen. Klik [b:5759f0a9e8]OK[/b:5759f0a9e8]
    [*:5759f0a9e8]Wanneer VundoFix opnieuw opent, klik de [b:5759f0a9e8]Scan for Vundo[/b:5759f0a9e8] knop.
    [*:5759f0a9e8]Eenmaal gedaan met scannen, klik de [b:5759f0a9e8]Remove Vundo[/b:5759f0a9e8] knop.
    [*:5759f0a9e8]Je zal een melding krijgen of je de bestanden wilt laten verwijderen, klik [b:5759f0a9e8]YES[/b:5759f0a9e8]
    [*:5759f0a9e8]Nadat je Yes hebt geklikt, zullen de icoontjes op je bureaublad verdwijnen tijdens het verwijderen van Vundo.
    [*:5759f0a9e8]Wanneer voltooid zal je de melding krijgen dat het je PC zal afsluiten, klik [b:5759f0a9e8]OK[/b:5759f0a9e8].
    [*:5759f0a9e8]Start je pc terug opnieuw op.
    [*:5759f0a9e8]Post de inhoud van [b:5759f0a9e8]C:\vundofix.txt[/b:5759f0a9e8] en een nieuwe hijackthislog in je volgende post.
    [/list:u:5759f0a9e8]
    Note: Het is mogelijk dat vundofix een bestand gevonden heeft dat niet kon verwijderd worden.
    In dit geval zal VundoFix na het heropstarten van je pc nog eens opstarten. Dan moet je de instructies van hierboven nog eens uitvoeren vanaf: "Click the [b:5759f0a9e8]Scan for Vundo[/b:5759f0a9e8]."
  • Heb vundofix gedownload, versie v1.6.5, moet zeggen ik had 2 knoppen en kon nergens vinkje zetten. heb dus scan for vundo gedaan en heeft niets gevonden, vandaar ook geen log's erbij gedaan.
    nogmaals had twee knoppen scan en remove.
  • Mag ik nog een nieuw HJT logje van je en vertel gelijk of je problemen al minder zijn.
  • Hier is hij weer, het laden van de pagina's gaat soms goed dan weer zeer traag. Als ik naar de home page van tiscali ga ( www.tiscali.nl ) dan heb ik de site normaal, klik ik daar op diensten/form/internet dan gaat dat weer zeer traag. Als ik naar de home page ga van computertotaal heb ik soms alleen de blauwe achtergrond soms komt hij als ik 2 of 3 keer de page vernieuw wel, soms komt hij ook als ik zeker 20 sec ( ja soms ook langer ) wacht. Dit maar even ter info. hierbij een nieuwe hijack log.

    Alleen doen als je zin en tijd heb hoor, ik heb er ook geen haast mee.
    als je er geen zin meer in heb gewoon even zeggen even goede vrienden. Groetjes Hans


    Logfile of HijackThis v1.99.1
    Scan saved at 17:45, on 06-09-18
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0006)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Ad Muncher\AdMunch.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\IE New Window Maximizer\iemaximizer.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\NetMeter\NetMeter.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Webshots\WebshotsTray.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\WINDOWS\system32\CTSvcCDA.EXE
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
    O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download"
    O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe"
    O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll"
    O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide
    O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: E-mail.lnk = ?
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe
    O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe





  • Nee hoor wat ik begin maak ik af , ik heb geduld zat. Ik ga zo snel als kan even kijken voor je.
    hoop info dus kan even duren.
  • Hallo weer,

    -Zorg dat de verborgen bestanden en systeembestanden worden weergegeven. (klik hier ( http://users.telenet.be/marcvn/spyware/1117602.htm ) voor hulp)

    Start HJT opnieuw en doe een systemscan only vink onderstaande regels aan sluit alle vensters behalve die van HJT en klik op fix checked.


    [b:b8a56a50af]O2 - BHO: OpinionBar IE monitor - {6607C683-AE7C-11D4-ACD7-0050DAC291A2} - C:\PROGRA~1\OPINIO~1\MYIEMO~1.DLL
    O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download"
    O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe"[/b:b8a56a50af]





    Download [b:b8a56a50af]ATF cleaner[/b:b8a56a50af] (by Atribune)

    Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij [b:b8a56a50af]Select All[/b:b8a56a50af].
    Klik op de knop [b:b8a56a50af]Empty Selected[/b:b8a56a50af].

    Gebruik je ook Firefox als browser:
    Klik op tabblad "Firefox", plaats een vinkje bij [b:b8a56a50af]Select All[/b:b8a56a50af].
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit verwijdert het vinkje bij "Firefox saved passwords";)
    Klik op de knop [b:b8a56a50af]Empty Selected[/b:b8a56a50af].

    Gebruik je ook Opera als browser:
    Klik op tabblad "Opera", plaats een vinkje bij [b:b8a56a50af]Select All[/b:b8a56a50af].
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop [b:b8a56a50af]Empty Selected[/b:b8a56a50af].
    Ga naar het tabblad "Main" en klik op de knop [b:b8a56a50af]Exit[/b:b8a56a50af] om het programma af te sluiten.

    Start opnieuw op en plaats een nieuw logje aub.

    Juisterr
  • opinionbar heb ik toch nog even laten staan, dit omdat mijn vrouw dit nodig heeft. Wel heb ik zoiets van als we alles hebben gehad en het probleem blijft bestaan doe ik dit als nog. Atf cleaner had ik al, heb hem wel nu net even gedraait en hierbij de nieuwe hij log.
  • [quote:818f3c6bb7="Hans1"]opinionbar heb ik toch nog even laten staan, dit omdat mijn vrouw dit nodig heeft. Wel heb ik zoiets van als we alles hebben gehad en het probleem blijft bestaan doe ik dit als nog. Atf cleaner had ik al, heb hem wel nu net even gedraait en hierbij de nieuwe hij log.[/quote:818f3c6bb7]

    tja :-?

    http://www.softwaretipsandtricks.com/browser_helper_objects/366-Myiemonitordll.html
  • Ik heb het gelezen, misschien vannavond nog, anders morgen gaat hij eraf. Daarna zal ik nog even hij.logje neer zetten. alvast bedankt voor je tijd en inspanning tot nu toe. GR.Hans
  • Hallo, ietsje later maar hij is er af hierbij het logje
    Groetjes Hans
    p.s.het lijkt al beter te gaan moet het wel even in de gaten houden, dit omdat het soms goed gaat en dan weer niet.

    Logfile of HijackThis v1.99.1
    Scan saved at 23:50, on 06-09-21
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0006)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Eset
    od32kui.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\WINDOWS\system32\CTSvcCDA.EXE
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\IE New Window Maximizer\iemaximizer.exe
    C:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\NetMeter\NetMeter.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\Program Files\Webshots\WebshotsTray.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\HR\Bureaublad\Nieuwe map\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
    O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\system32\Macromed\Download"
    O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.exe"
    O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\system32\Macromed\Download\Download.dll"
    O4 - HKCU\..\Run: [STYLEXP] "C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" -Hide
    O4 - HKCU\..\Run: [IE New Window Maximizer] "C:\Program Files\IE New Window Maximizer\iemaximizer.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [IncrediMail] "C:\Program Files\IncrediMail\bin\IncMail.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: E-mail.lnk = ?
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NetMeter.lnk = C:\Program Files\NetMeter\NetMeter.exe
    O4 - Global Startup: NU.nl Nieuwslezer.lnk = C:\Program Files\NU.nl Nieuwslezer
    unwslzr.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O4 - Global Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Yahoo! Widget Engine (2).lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset
    od32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe





  • Echt ernstige dingen zie ik niet meer Hans. Misschien zou je het geheugen een beetje moeten verhogen, dat scheelt vaak een hoop. Als je bv een geheugenbankje van 512 hebt kan je er een extra bij doen.
  • Nogmaals bedankt, we laten het zo het werkt nog steeds.
    Het geheugen laat ik maar zitten, dat is al 2 GB en wel meer dan genoeg :wink: groetjes Hans.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.