Vraag & Antwoord

Beveiliging & privacy

Hijack Logje, kan iemand helpen?

Anoniem
juisterr
5 antwoorden
 • Beste allemaal, ik heb problemen met mijn pc. Op aanraden van een andere bezoeker logje gemaakt, wordt iemand hier wijs uit?

  Alvast bedankt!!

  Logfile of HijackThis v1.99.1
  Scan saved at 19:41:32, on 22-2-2007
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v7.00 (7.00.6000.16414)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\S24EvMon.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\system32\ZCfgSvc.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
  C:\WINDOWS\system32\RegSrvc.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\1XConfig.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\WINDOWS\ATK0100\HControl.exe
  C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
  C:\Program Files\Internet Explorer\IEXPLORE.EXE
  C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
  C:\Program Files\ASUS\ASUS Live Update\ALU.exe
  C:\Program Files\QuickTime\qttask.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\WINDOWS\ATK0100\ATKOSD.exe
  C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
  C:\Program Files\iPod\bin\iPodService.exe
  C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
  C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
  C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
  C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
  C:\Program Files\Grisoft\AVG7\avgcc.exe
  C:\Documents and Settings\R.G. Visser\Mijn documenten\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fok.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
  O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
  O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
  O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
  O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
  O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
  O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
  O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
  O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
  O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Widget Engine\YahooWidgetEngine.exe
  O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
  O4 - Global Startup: Servicebeheer.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
  O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Menu Start\Programma's\Absolute Poker\Absolute Poker.lnk (file missing)
  O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Menu Start\Programma's\Absolute Poker\Absolute Poker.lnk (file missing)
  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
  O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O11 - Options group: [INTERNATIONAL] International*
  O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
  O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
  O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
  O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
  O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
  O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
  O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
  O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
 • Denk het wel.  Download en installeer CCleaner
  (De CCLeaner Yahoo Toolbar is niet nodig)
  Nog niet gebruiken.
  [b:46d53d35d6]
  Schakel eerst Ad-Watch uit, anders worden alle register veranderingen weer terug gedraaid.
  [/b:46d53d35d6]


  Download [b:46d53d35d6] naar je bureaublad.[list:46d53d35d6]

  [*:46d53d35d6]Sluit alle vensters voordat je verdergaat
  [*:46d53d35d6]Dubbelklik [b:46d53d35d6]Look2Me-Destroyer.exe[/b:46d53d35d6]
  *Je krijgt het volgende bericht: [i:46d53d35d6]Look2Me-Destroyer will close and re-open in approximately 10 seconds[/i:46d53d35d6]. Klik “OK”
  [*:46d53d35d6]Als Look2Me-Destroyer opent, klik de [b:46d53d35d6]Scan for L2M button[/b:46d53d35d6], je bureaubladiconen zullen verdwijnen, dat is normaal.
  [*:46d53d35d6]Als het scannen is afgelopen klik [b:46d53d35d6]Remove L2M button[/b:46d53d35d6]
  [*:46d53d35d6]Je krijgt een bericht [b:46d53d35d6]Done Scanning message[/b:46d53d35d6], klik “OK”
  [*:46d53d35d6]Als alles klaar is verschijnt een bericht :[i:46d53d35d6] Done removing infected files! Look2Me-Destroyer will now shutdown your computer[/i:46d53d35d6], klik “OK”
  [*:46d53d35d6]De computer zal nu afsluiten
  [*:46d53d35d6]Start je computer opnieuw
  [*:46d53d35d6]Kopieer de inhoud van [b:46d53d35d6]C:\Look2Me-Destroyer.txt[/b:46d53d35d6] and maak een nieuw HJT logje. [/list:u:46d53d35d6]

  Post deze 2 logjes in je volgende antwoord.

  Krijg je een bericht van je firewall sta dan toe deze tool te runnen.
  Krijg je bericht [b:46d53d35d6]runtime error '339'[/b:46d53d35d6]. download [b:46d53d35d6]MSWINSCK.OCX [/b:46d53d35d6] van de link hieronder en plaats het bestand in je [b:46d53d35d6]C:\Windows\System32[/b:46d53d35d6]. Directory
  http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX

  Start Hijackthis op en kies voor 'Do a system scan only'
  Selecteer alleen de items die hieronder zijn genoemd:
  [b:46d53d35d6]
  O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
  O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
  O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
  [/b:46d53d35d6]
  Klik op 'Fix checked' om de items te verwijderen.

  Open de verkenner ("Mijn Computer";) en kies [b:46d53d35d6]Extra[/b:46d53d35d6] -> [b:46d53d35d6]Mapopties…[/b:46d53d35d6]
  Controleer onder [b:46d53d35d6]Weergave[/b:46d53d35d6] de volgende instellingen:

  Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen)
  Uitzetten: Extensies voor bekende bestandstypen verbergen

  Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP)
  Selecteer: Verborgen bestanden en mappen weergeven

  Verwijder de volgende directories:
  C:\Program Files\PartyGaming\[b:46d53d35d6]PartyPoker[/b:46d53d35d6]\

  [b:46d53d35d6]
 • Ik heb alle stappen doorlopen.

  Hierbij de nieuwe log van Hijackthis:

  Logfile of HijackThis v1.99.1
  Scan saved at 16:49:44, on 23-2-2007
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v7.00 (7.00.6000.16414)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\S24EvMon.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
  C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
  C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
  C:\WINDOWS\system32\RegSrvc.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\ZCfgSvc.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\system32\1XConfig.exe
  C:\WINDOWS\ATK0100\HControl.exe
  C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
  C:\Program Files\ASUS\ASUS Live Update\ALU.exe
  C:\Program Files\QuickTime\qttask.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
  C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
  C:\Program Files\iPod\bin\iPodService.exe
  C:\WINDOWS\ATK0100\ATKOSD.exe
  C:\Program Files\Internet Explorer\IEXPLORE.EXE
  C:\WINDOWS\system32\msiexec.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Documents and Settings\R.G. Visser\Mijn documenten\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fok.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
  O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
  O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
  O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
  O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
  O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
  O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
  O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
  O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
  O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Widget Engine\YahooWidgetEngine.exe
  O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
  O4 - Global Startup: Servicebeheer.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
  O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Menu Start\Programma's\Absolute Poker\Absolute Poker.lnk (file missing)
  O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Menu Start\Programma's\Absolute Poker\Absolute Poker.lnk (file missing)
  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O11 - Options group: [INTERNATIONAL] International*
  O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
  O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
  O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
  O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
  O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
  O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
  O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)

  Daarnaast heb ik geprobeerd dat logje te vinden van Look2Me destroyer, is dat deze?

  Look2Me-Destroyer V1.0.12

  Scanning for infected files…..
  Scan started at 23-2-2007 15:36:31


  Attempting to delete infected files…

  Making registry repairs.


  Restoring Windows certificates.

  Replaced hosts file with default windows hosts file


  Restoring SeDebugPrivilege for Administrators - Succeeded
  Daarnaast nog een vraagje: Moet ik de instellingen die ik heb veranderd in de verkenner zo laten of moet ik deze weer terugveranderen? Hartstikke bedankt in ieder geval!

  Vriendelijke groet,

  Robert
 • [quote:4a3b1f604d]Daarnaast nog een vraagje: Moet ik de instellingen die ik heb veranderd in de verkenner zo laten of moet ik deze weer terugveranderen? Hartstikke bedankt in ieder geval!
  [/quote:4a3b1f604d] terugzetten zoals het was.


  en
  ad watch weer aandoen, systeemherstel even uitzetten en dan weer aan.

  verder geen klachten meer???
 • Mijn balk (met de tijd erin) reageert niet altijd op commando's en met typen gaat het soms ook fout, dwz. als ik een enkele hoge komma wil (') komt er automatisch dit: '', geld ook voor aanhalingstekens. Dat is overigens het enige, snap echt niet hoe dat kan. In ieder geval bedankt voor alle hulp.

  Robert

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.