Logfile of HijackThis v1.99.1
Scan saved at 20:19:30, on 13/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\APPS\NET2PLUG\tools\wait4IP.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\microsoft office\Office\FINDFAST.EXE
C:\Program Files\microsoft office\Office\OSA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 213.219.251.78 www.google.com (http://www.google.com)
O1 - Hosts: 213.219.251.78 google.com
O1 - Hosts: 213.219.251.78 www.google.co.uk (http://www.google.co.uk)
O1 - Hosts: 213.219.251.78 google.co.uk
O1 - Hosts: 213.219.251.78 www.google.ca (http://www.google.ca)
O1 - Hosts: 213.219.251.78 google.ca
O1 - Hosts: 213.219.251.78 www.google.es (http://www.google.es)
O1 - Hosts: 213.219.251.78 google.es
O1 - Hosts: 213.219.251.78 www.google.de (http://www.google.de)
O1 - Hosts: 213.219.251.78 google.de
O1 - Hosts: 213.219.251.78 www.google.fr (http://www.google.fr)
O1 - Hosts: 213.219.251.78 google.fr
O1 - Hosts: 213.219.251.78 www.google.com.au (http://www.google.com.au)
O1 - Hosts: 213.219.251.78 google.com.au
O1 - Hosts: 213.219.251.79 www.yahoo.com (http://www.yahoo.com)
O1 - Hosts: 213.219.251.79 yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 213.219.251.81 astalavista.com
O1 - Hosts: 213.219.251.81 www.astalavista.com (http://www.astalavista.com)
O1 - Hosts: 213.219.251.81 astalavista.box.sk
O1 - Hosts: 213.219.251.81 www.astalavista.box.sk (http://www.astalavista.box.sk)
O1 - Hosts: 213.219.251.81 cracks.com
O1 - Hosts: 213.219.251.81 www.cracks.com (http://www.cracks.com)
O1 - Hosts: 213.219.251.80 www.msn.com (http://www.msn.com)
O1 - Hosts: 213.219.251.80 msn.com
O1 - Hosts: 213.219.251.80 search.msn.com
O1 - Hosts: 213.219.251.80 www.search.msn.com (http://www.search.msn.com)
O1 - Hosts: 213.219.251.80 go.com
O1 - Hosts: 213.219.251.80 www.go.com (http://www.go.com)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\RunOnce: [OE5_0] fixmapi.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - Startup: Microsoft Office Snelzoeken.lnk = C:\Program Files\microsoft office\Office\FINDFAST.EXE
O4 - Startup: Office Opstarten.lnk = C:\Program Files\microsoft office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

(y)

*open hijackthis en vink het volende aan:

O1 - Hosts: 213.219.251.78 www.google.com
O1 - Hosts: 213.219.251.78 google.com
O1 - Hosts: 213.219.251.78 www.google.co.uk
O1 - Hosts: 213.219.251.78 google.co.uk
O1 - Hosts: 213.219.251.78 www.google.ca
O1 - Hosts: 213.219.251.78 google.ca
O1 - Hosts: 213.219.251.78 www.google.es
O1 - Hosts: 213.219.251.78 google.es
O1 - Hosts: 213.219.251.78 www.google.de
O1 - Hosts: 213.219.251.78 google.de
O1 - Hosts: 213.219.251.78 www.google.fr
O1 - Hosts: 213.219.251.78 google.fr
O1 - Hosts: 213.219.251.78 www.google.com.au
O1 - Hosts: 213.219.251.78 google.com.au
O1 - Hosts: 213.219.251.79 www.yahoo.com
O1 - Hosts: 213.219.251.79 yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 213.219.251.81 astalavista.com
O1 - Hosts: 213.219.251.81 www.astalavista.com
O1 - Hosts: 213.219.251.81 astalavista.box.sk
O1 - Hosts: 213.219.251.81 www.astalavista.box.sk
O1 - Hosts: 213.219.251.81 cracks.com
O1 - Hosts: 213.219.251.81 www.cracks.com
O1 - Hosts: 213.219.251.80 www.msn.com
O1 - Hosts: 213.219.251.80 msn.com
O1 - Hosts: 213.219.251.80 search.msn.com
O1 - Hosts: 213.219.251.80 www.search.msn.com
O1 - Hosts: 213.219.251.80 go.com
O1 - Hosts: 213.219.251.80 www.go.com

* Sluit alle open vensters behalve hijackthis en klik fix checked.

*download the hoster (http://users.telenet.be/jurgen1/hoster.zip)
unzip het naar je bureaublad,
dubbelklik erop,
klik op 'Restore Original Hosts'
klik op 'ok'

*Vervolgens maak je de map met tijdelijke bestanden van Windows,
de tijdelijke internetbestanden en de prullenbak leeg.
Eventueel met C.Cleaner (http://www.ccleaner.com/ccdownload.php)

*post een nieuw logje

aandacht! er was een grove fout ingeslopen! gelieve nog eens na te kijken!!

Logfile of HijackThis v1.99.1
Scan saved at 20:54:24, on 13/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\APPS\NET2PLUG\tools\wait4IP.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\microsoft office\Office\FINDFAST.EXE
C:\Program Files\microsoft office\Office\OSA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\RunOnce: [OE5_0] fixmapi.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - Startup: Microsoft Office Snelzoeken.lnk = C:\Program Files\microsoft office\Office\FINDFAST.EXE
O4 - Startup: Office Opstarten.lnk = C:\Program Files\microsoft office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

Amai mijn hersenpan

ziet er goed uit, hoe werkt alles verder? nog ergens last van? ;)

Zit nog altijd met dat wit beeldscherm nondedju

je achtergrond is dus wit, start==>configuratiescherm==>beeldscherm==>tabblad 'bureaublad'==>kies een bureaublad achtergrond

noppes, had ik al gedaan
Achtergrond is dus wit en wordt om de drie sec grijs, en wit en grijs....
pokkeding

voer eens een online virusscan uit bij bitdefender en trend micro
bitdefender online (http://www.bitdefender.com/scan/licence.php)
trend micro online (http://housecall.trendmicro.com/housecall/start_corp.asp)

trend micro heeft nikske gevonden den andere heeft er 4 gevonden maar kwee nie welke

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch1.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch1.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch10.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch10.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch11.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch11.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch12.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch12.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch13.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch13.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch14.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch14.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch15.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch15.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch2.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch2.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch3.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch3.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch4.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch4.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch5.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch5.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch6.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch6.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch7.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch7.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch8.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch8.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch9.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AzeSearch9.zip=>sbRecovery.ini: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\EffectiveBandToolbar.zip=>sbRecovery.reg: password protected
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\EffectiveBandToolbar.zip=>sbRecovery.ini: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>arrow1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>arrow2.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bck1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bck2.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt11.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt12.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt13.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt21.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt22.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt23.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt31.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt32.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt33.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt41.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt42.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt43.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt51.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt52.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt53.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt61.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>bt62.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox2.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox3.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>checkbox4.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>default.skn: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>defbtn1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>defbtn2.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>defbtn3.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph2.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph3.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph4.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph5.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph6.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>glyph7.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>main.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>preview.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>sprite1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>tab1.bmp: password protected
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask=>tab2.bmp: password protected
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000847.exe: infected with Dropped:BAT.AutoDelete.A
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000847.exe: disinfection failed
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000848.exe: infected with Trojan.Dialer.GD
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000848.exe: deleted
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000949.exe: infected with Trojan.Dialer.GD
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000949.exe: deleted
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000956.exe: infected with Dropped:BAT.AutoDelete.A
C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP1\A0000956.exe: disinfection failed

zullen denk ik van systeemhertsel zijn
rechtermuisklik op 'deze computer'==>eigenschappen==>tabblad 'systeemherstel'==>'systeemherstel op alle stations uitschakelen' AANVINKEN==> pc herstarten==> terug UITVINKEN==>nieuw herstelpunt maken(start==>alle programma's==>bureau-accesiores==>systeemwerkset==>systeemherstel)

hebt dit gedaan, als het scherm verschijnt "herstellen voltooid" is de achtergrond (bureaublad) in orde, als ik op ok klik komt dat wit beeld terug.
Heb de computer pas van vandaag dus kan niet naar een andere datum springen

' ben zeeziek aan't worde

start==>uitvoeren==>msconfig==>tabblad'opstarten'==>'clickme' uivinken en pc herstarten

Noppes

* Open kladblok en kopieer en plak het volgende erin:

dir %Windir%\tasks /a h > files.txt
notepad files.txt

Sla dit op als findjobs.bat , kies voor opslaan als alle bestanden en plaats het op je bureaublad.
Dubbelklik op findjobs.bat en post de inhoud van het txtbestandje die je verkrijgt hier

De volumenaam van station C is HDD
Het volumenummer is 9088-C10B

Map van C:\WINDOWS\tasks

13/06/2005 16:00 <DIR> .
13/06/2005 16:00 <DIR> ..
04/08/2004 14:00 65 desktop.ini
11/06/2005 07:07 240 HDReg.job
11/06/2005 07:07 258 Herinnering voor registratie 1.job
11/06/2005 07:07 258 Herinnering voor registratie 2.job
11/06/2005 07:07 258 Herinnering voor registratie 3.job
13/06/2005 15:50 554 Norton AntiVirus - Mijn computer scannen.job
13/06/2005 22:28 6 SA.DAT
13/06/2005 20:05 372 Symantec NetDetect.job
8 bestand(en) 2.011 bytes

Map van C:\Documents and Settings\Who Cares\Bureaublad


Zoiets??

ja, maar het zit hem ook niet daar

controleer voor mij eens of dat in de windows map het bestand desktop.html aanwezig is(c:/windows/desktop.html)

controleer ook eens of dat de map antivirus gold nog aanwezig is in de map program files (c:/program files)

In mijn cookies staat er who cares@www.antivirus-gold(1), komt altijd terug
voor de rest vindt hij nikske

van den desktop vindt hij er 17 maar nie (c:/windows/desktop.html), peins'k

open kladblok en plak het volgende erin:

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer]
"NoActiveDesktop"=dword:00000001

sla dit op als noact.reg op je bureaublad, dubbelklik dan erop en klik op ja, herstart dan je pc

curre ntversion moet currentversion worden, verbeter dit handmatig, want als ik het wil bewerken staat ie goed, maar als ik het post staat er een spatie tussen

:wtf: Tuuta boem

Da wit/grijs goe is verleden tijd.
U bent geweldig en enorm van harte bedankt
Als ik u eens tegenkom doe'k u een fles Champagne kadoo



:thxpcfreakske


Thanx

ps: 't is te hopen da hij nu braaf blijft sé

graag gedaan hoor ;)