Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Advertentie-overlast

Anoniem
pimvandenderen
12 antwoorden
  • Sinds pak weg een week word ik geplaagd door een zondvloed aan advertenties. Ik meen te hebben gelezen dat dit een heersende ziekte is, maar daar stond niet bij hoe je ervan afkomt. Ik gebruik altijd Firefox, mar die rommel komt allemaal via Internet Explorer (7), dat ook nog op de machine staat. In het adresvak staat de url adserver.com. Geen idee hoe ik eraan kom, maar graag hulp bij een oplossing.
  • Probeer eens een spyware scanner te draaien. Je kunt de één van de onderstaande scanners (of beide) eens proberen:

    Spybot
    Ad-Aware

    Succes
  • Mocht Spybot en AdAware geen redding brengen (wat waarschijnlijk ook niet het geval zal zijn), moet je overstappen naar de volgende optie : het aanmaken van een log met HiJackThis en dat hier plaatsen op het forum. Dan kan de infectie dieper bekeken worden.
  • Inderdaad, Ad-Aware en Spybot gaven geen resultaat. Dus heb ik m'n hoop gevestigd op iemand die er meer verstand van heeft dan ik. Hierbij dus het logbestad van HiJack This. Tenminste, als ik zou weten hoe dat log hierin te krijgen, want dat is blijkbaar nog niet zo eenvoudig.
  • Lukt het niet met "kopïeren" van het log en via "plakken" dit log hier in een bericht te kleven ?
  • Kennelijk ben ik daar een beetje te dom voor, maar het wil me niet lukken, want hierboven in de bovenste balk onder Efit is de optie Paste uitgegrauwd. Het zal dus waarschijnlijk op een andere manier moeten.
  • En dat Efit moet natuurlijk worden gelezen als Edit. Ik heb dus een engelstalige windows, zoals ik al sinds m'n eerste huiscomputer in 1975 engelstalige software gebruik.
  • http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=115358
    Lees dit eventjes door, over hoe je een Hijackthis log maakt.

    Vervolgens kun je deze op het forum plakken door het volgende te doen: Ga naar je Hijackthislog die in een kladblok venster is geopent. Klik er éénmalig op, nu is hij actief. Selecteer de hele tekst, door de sneltoetsen ctrl-A te gebruiken. Kopieer deze tekst vervolgens, door ctrl-C te gebruiken. Nu kun je hem op het forum plakken met ctrl-V.

    Succes!
  • Kijk, dat was een goeie hint! Hier is dus het HiJack-log:

    Logfile of HijackThis v1.99.1
    Scan saved at 12:59:21, on 24-8-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    D:\Program Files\Winamp\winampa.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\Atomic Clock Sync\Atomic.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    D:\PROGRA~1\3BSOFT~1\WINDOW~2\Windows Clean-Up Pro.uzy
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.uzy
    C:\Program Files\AIM6\aim6.exe
    D:\Program Files\BitTorrent\bittorrent.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe
    D:\Program Files\OpenOffice.org 2.2\program\soffice.exe
    D:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
    C:\Program Files\Outlook Express\msimn.exe
    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    D:\Program Files\RealPlay.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\explorer.exe
    D:\Program Files\RealPlay.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    D:\Documenten en settings\Pieter.SP2PC1\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pczapper.tv/intro/xnl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54545
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    O4 - HKLM\..\Run: [DefragTaskBar] "D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Support audio cool poll] D:\Documenten en settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO\Beep math.exe
    O4 - HKLM\..\Run: [Windows Clean-Up Pro] D:\PROGRA~1\3BSOFT~1\WINDOW~2\WINDOWS CLEAN-UP PRO.Exe
    O4 - HKLM\..\Run: [Ad Blocker Pro] "D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.exe" -minimized
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Atomic.exe] D:\Program Files\Atomic Clock Sync\Atomic.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
    O4 - HKCU\..\Run: [soap way] D:\DOCUME~1\PIETER~1.SP2\APPLIC~1\INSIDE~1\Defaultexitplan.exe
    O4 - Startup: OpenOffice.org 2.2 .lnk = D:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: SpeedTouch 121g Wireless USB Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: MyCom - {4610E429-A609-46E2-A228-06F7A79D7CB2} - http://www.mycom.nl (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AshampooDefragService - - D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  • Hoi OAP,

    Je hebt last van een lop infectie, dit komt doordat je MSN Plus [b:f8c8728197]met[/b:f8c8728197] sponsers hebt geinstalleerd.

    Start Hijackthis, kies voor [i:f8c8728197]'Do a system scan only'[/i:f8c8728197] en vink onderstaande regels aan:
    [b:f8c8728197]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O4 - HKLM\..\Run: [Support audio cool poll] D:\Documenten en settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO\Beep math.exe
    O4 - HKCU\..\Run: [soap way] D:\DOCUME~1\PIETER~1.SP2\APPLIC~1\INSIDE~1\Defaultexitplan.exe
    [/b:f8c8728197]

    Sluit nu [u:f8c8728197]alle[/u:f8c8728197] openstaande vensters, behalve Hijackthis en klik op [b:f8c8728197]Fix Checked[/b:f8c8728197].

    Download Deljob.exe (mirror) naar je [b:f8c8728197]Bureaublad[/b:f8c8728197].
    Indien je virusscanner de download van deljob.exe blokkeert,
    schakel dan tijdelijk je virusscanner uit of download de zip-versie deljob.zip en pak deze uit naar je Bureaublad.

    Dubbelklik op [b:f8c8728197]Deljob.exe[/b:f8c8728197].
    Een logje([u:f8c8728197]logit.txt[/u:f8c8728197]) zal openen, het bestandje kan je ook terugvinden op je Bureaublad.
    Post de inhoud van [b:f8c8728197]logit.txt[/b:f8c8728197] in je volgende bericht tesamen met een nieuw gemaakt Hijackthis logje.

    Succes!

    Pim
  • eerst de nieuwe hijacklog:

    Logfile of HijackThis v1.99.1
    Scan saved at 17:38:24, on 26-8-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    D:\Program Files\Winamp\winampa.exe
    D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    D:\PROGRA~1\3BSOFT~1\WINDOW~2\Windows Clean-Up Pro.uzy
    D:\Program Files\Atomic Clock Sync\Atomic.exe
    D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.uzy
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    D:\Program Files\BitTorrent\bittorrent.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe
    D:\Program Files\OpenOffice.org 2.2\program\soffice.exe
    D:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
    D:\Program Files\RealPlay.exe
    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\wuauclt.exe
    D:\Documenten en settings\Pieter.SP2PC1\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pczapper.tv/intro/xnl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54545
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    O4 - HKLM\..\Run: [DefragTaskBar] "D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Windows Clean-Up Pro] D:\PROGRA~1\3BSOFT~1\WINDOW~2\WINDOWS CLEAN-UP PRO.Exe
    O4 - HKLM\..\Run: [Ad Blocker Pro] "D:\Program Files\3B Software\Ad Blocker Pro\Ad Blocker Pro.exe" -minimized
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Atomic.exe] D:\Program Files\Atomic Clock Sync\Atomic.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
    O4 - Startup: OpenOffice.org 2.2 .lnk = D:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: SpeedTouch 121g Wireless USB Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: MyCom - {4610E429-A609-46E2-A228-06F7A79D7CB2} - http://www.mycom.nl (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AshampooDefragService - - D:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    en vervolgens het deljoblog:

    ——————————————————–
    File(s) moved to C:\deljob

    AA0F2A0090DCA694.job
    ——————————————————–
    Files remaining after cleaning

    McDefragTask.job
    McQcTask.job
    ——————————————————–
    App data folders

    Volume in drive D is Data
    Volume Serial Number is 3CE6-702B

    Directory of D:\Documenten en settings\Pieter.SP2PC1\Application Data

    23-08-2007 16:56 <DIR> .
    23-08-2007 16:56 <DIR> ..
    01-07-2007 17:40 <DIR> acccore
    18-07-2007 13:59 <DIR> Adobe
    16-08-2007 19:38 <DIR> Ashampoo
    26-08-2007 01:08 <DIR> BITTOR~1 BitTorrent
    01-07-2007 16:50 <DIR> Creative
    06-08-2007 23:47 <DIR> Google
    02-07-2007 15:56 <DIR> Help
    01-07-2007 18:35 <DIR> HP
    01-07-2007 16:49 <DIR> IDENTI~1 Identities
    06-08-2007 16:51 <DIR> INSIDE~1 Insidelist
    07-07-2007 19:39 <DIR> Lavasoft
    02-07-2007 02:00 <DIR> LEADER~1 Leadertech
    25-08-2007 13:29 <DIR> LimeWire
    01-07-2007 17:40 <DIR> MACROM~1 Macromedia
    05-07-2007 19:20 <DIR> MICROS~1 Microsoft
    14-08-2007 20:33 <DIR> Mozilla
    26-08-2007 10:48 <DIR> OPENOF~1.ORG OpenOffice.org2
    16-08-2007 21:23 <DIR> Real
    07-07-2007 22:50 <DIR> Sammsoft
    23-08-2007 16:56 <DIR> SecuROM
    21-08-2007 09:20 <DIR> SITEAD~1 SiteAdvisor
    01-07-2007 19:39 <DIR> SPAMFI~1 SPAMfighter
    05-07-2007 18:02 <DIR> Sun
    14-08-2007 19:38 <DIR> THUNDE~1 Thunderbird
    18-08-2007 02:14 <DIR> uTorrent
    01-07-2007 17:33 <DIR> VanDale
    09-08-2007 16:50 <DIR> vlc
    0 File(s) 0 bytes
    29 Dir(s) 31.812.923.392 bytes free
    Volume in drive D is Data
    Volume Serial Number is 3CE6-702B

    Directory of D:\Documenten en settings\All Users\Application Data

    06-08-2007 16:51 <DIR> .
    06-08-2007 16:51 <DIR> ..
    06-08-2007 23:49 <DIR> Adobe
    01-07-2007 16:38 <DIR> AOL
    01-07-2007 16:38 <DIR> AOLDOW~1 AOL Downloads
    01-07-2007 16:38 <DIR> AOLOCP~1 AOL OCP
    01-07-2007 16:38 <DIR> APPLEC~1 Apple Computer
    01-07-2007 16:38 <DIR> ashampoo
    01-07-2007 16:38 <DIR> CYBERL~1 CyberLink
    21-08-2007 16:53 <DIR> FREEDE~1 Free dent poll internet
    01-07-2007 16:38 <DIR> Google
    01-07-2007 16:39 <DIR> HP
    06-08-2007 16:51 <DIR> INTERN~1 INTERNET SPAM SUPPORT AUDIO
    08-06-2007 18:39 <DIR> Lavasoft
    01-07-2007 16:38 <DIR> McAfee
    01-07-2007 16:38 <DIR> McAfee.com
    07-07-2007 19:39 <DIR> MICROS~1 Microsoft
    01-07-2007 16:38 <DIR> MICROS~2 Microsoft Corporation
    30-08-2006 17:47 <DIR> Prism
    01-07-2007 16:38 <DIR> QUESTS~1 Quest Software
    01-07-2007 16:38 <DIR> SBSI
    01-07-2007 16:38 <DIR> SITEAD~1 SiteAdvisor
    15-08-2007 01:12 <DIR> SPYBOT~1 Spybot - Search & Destroy
    01-07-2007 16:38 <DIR> TEMP
    01-07-2007 16:38 <DIR> VIEWPO~1 Viewpoint
    01-07-2007 16:38 <DIR> WINDOW~1 Windows Genuine Advantage
    0 File(s) 0 bytes
    26 Dir(s) 31.812.923.392 bytes free
    ——————————————————–
  • Kennelijk had ik alle ruimte voor een posting gebruikt. Bedankt en ik hoop er het beste van!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.