Pagina 2 van 2 EersteEerste 12
Weergegeven resultaten: 11 t/m 19 van 19

Discussie: "Player Window"

  1. #11
    Up-to-date  
    Geregistreerd
    1 September 2005
    Berichten
    73
    Bedankjes
    4
    Bedankt
    0 keer in 0 posts
    Citaat Oorspronkelijk geplaatst door DJ Inpossible Bekijk bericht
    Dan zoeken we even verder

    Download Combofix naar je bureaublad

    Dubbelklik op combofix.exe
    Volg de instructies, aanvaard de disclaimer door y of Y te typen.
    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

    Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen. Bewaar dit logje.

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
    Dat programma is nu al een tijdje aan het lopen, maar blijft staan bij:

    Please wait

    Writing '@' with data 'explorer.exe,-111' failed.
    Aha, nu lukt het wel!
    Laatst gewijzigd door Yort; 31 May 2007 om 18:02

  2. #12
    Up-to-date  
    Geregistreerd
    1 September 2005
    Berichten
    73
    Bedankjes
    4
    Bedankt
    0 keer in 0 posts
    "user" - 2007-05-31 18:01:35 Service Pack 2
    ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\user\Bureaublad\"


    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    "C:\WINDOWS\system32\packet.dll"


    ((((((((((((((((((((((((((((((( Files Created from 2007-04-28 to 2007-05-31 ))))))))))))))))))))))))))))))))))


    2007-05-30 13:42 <DIR> d-------- C:\WINDOWS\system32\FlashAX
    2007-05-30 13:42 <DIR> d-------- C:\DOCUME~1\user\APPLIC~1\Microgaming
    2007-05-27 16:28 <DIR> d-------- C:\Program Files\QuickTime
    2007-05-26 19:18 <DIR> d-------- C:\DOCUME~1\user\APPLIC~1\pdf995
    2007-05-26 19:16 51,716 --a------ C:\WINDOWS\system32\pdf995mon.dll
    2007-05-26 19:16 118,784 --a------ C:\WINDOWS\system32\pdfmona.dll
    2007-05-26 19:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\pdf995
    2007-05-26 19:12 <DIR> d----c--- C:\pdf995
    2007-05-26 12:06 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
    2007-05-10 18:04 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-04-07 09:08 <DIR> d--hs---- C:\found.004


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )))

    2007-05-31 06:02:22 -------- d-----w C:\Program Files\Winamp
    2007-05-28 07:42:35 -------- d-----w C:\Program Files\HJT
    2007-05-28 07:39:31 -------- d-----w C:\DOCUME~1\user\APPLIC~1\Skype
    2007-05-27 14:27:58 -------- d-----w C:\Program Files\Apple Software Update
    2007-05-21 06:54:03 -------- d-----w C:\Program Files\MSN Messenger
    2007-05-21 06:54:03 -------- d-----w C:\Program Files\Messenger Plus! Live
    2007-04-30 14:13:52 -------- d-----w C:\Program Files\EvilLyrics
    2007-04-18 16:15:26 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-05 12:04:00 -------- d-----w C:\Program Files\Google
    2007-03-25 08:31:13 465,696 ----a-w C:\WINDOWS\system32\perfh013.dat
    2007-03-25 08:31:12 81,210 ----a-w C:\WINDOWS\system32\perfc013.dat
    2007-03-17 13:45:54 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
    2007-03-08 15:39:10 579,072 ----a-w C:\WINDOWS\system32\user32.dll
    2007-03-08 15:39:10 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
    2007-03-08 15:39:10 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
    2007-03-08 15:37:59 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys
    2007-03-07 23:51:00 129,784 ------w C:\WINDOWS\system32\pxafs.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-03-09 21:10]
    "AGRSMMSG"="AGRSMMSG.exe" []
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-01-22 16:09]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-01-22 16:08]
    "TPSMain"="TPSMain.exe" [2004-05-04 10:23 C:\WINDOWS\system32\TPSMain.exe]
    "THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2004-04-30 16:42]
    "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe" [2004-04-30 11:06]
    "PadTouch"="C:\Program Files\TOSHIBA\PadTouch\PadExe.exe" [2004-02-12 11:42]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" []
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 23:48]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-05-08 19:15]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "toscdspd"="C:\Program Files\Toshiba\Toscdspd\TOSCDSPD.EXE" [2003-09-15 17:13]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
    Notification Packages scecli

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^NkvMon.exe.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\NkvMon.exe.lnk
    backup=C:\WINDOWS\pss\NkvMon.exe.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
    C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*


    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{8b7943f2-993f-11db-b479-00134678f477}]
    AutoRun\command- F:\LaunchU3.exe -a


    Contents of the 'Scheduled Tasks' folder
    2007-05-30 18:20:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ************************************************** ******************

    catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-05-31 18:05:09
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0


    ************************************************** ******************

    Completion time: 2007-05-31 18:06:09
    C:\ComboFix-quarantined-files.txt ... 2007-05-31 18:06

    --- E O F ---

  3. #13
    Expert  
    Geregistreerd
    22 February 2007
    Locatie
    Wijk bij Duurstede
    Berichten
    678
    Bedankjes
    39
    Bedankt
    101 keer in 99 posts
    Download Deckard's System Scanner naar je Bureaublad
    • Sluit alle toepassingen en vensters.
      Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
      Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
      Kopiëer Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

  4. #14
    Up-to-date  
    Geregistreerd
    1 September 2005
    Berichten
    73
    Bedankjes
    4
    Bedankt
    0 keer in 0 posts
    Deckard's System Scanner v20070426.43
    Run by user on 2007-05-31 at 23:13:17
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    39: 2007-05-31 21:13:32 UTC - RP721 - Deckard's System Scanner Restore Point
    38: 2007-05-31 07:52:56 UTC - RP720 - Controlepunt van systeem
    37: 2007-05-29 11:30:22 UTC - RP719 - Controlepunt van systeem
    36: 2007-05-28 07:36:55 UTC - RP718 - Installed Java(TM) SE Runtime Environment 6 Update 1
    35: 2007-05-28 07:28:41 UTC - RP717 - Removed J2SE Runtime Environment 5.0 Update 9


    -- First Restore Point --
    1: 2007-04-19 17:55:48 UTC - RP683 - Controlepunt van systeem


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as user.exe) ------------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 23:14:26, on 31/05/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
    C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Toshiba\Toscdspd\TOSCDSPD.EXE
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\user\Bureaublad\dss.exe
    C:\PROGRA~1\HJT\user.exe

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
    O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [toscdspd] C:\Program Files\Toshiba\Toscdspd\TOSCDSPD.EXE
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office OneNote 2003 Snel Starten.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedIn...derControl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1123996397609
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp05.photoprintit.de/microsi...ex/XUpload.ocx
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


    -- HijackThis Fixed Entries (C:\PROGRA~1\HJT\backups\) -------------------------

    backup-20060501-101714-144 O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    backup-20060501-101714-227 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    backup-20060501-101714-924 O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    backup-20060501-101715-651 O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    backup-20061020-105039-518 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    backup-20061020-105039-974 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    backup-20070209-101101-655 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    backup-20070425-111233-334 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    backup-20070425-111233-554 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    backup-20070425-111233-729 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    backup-20070425-111233-762 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
    R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 TVALD (Toshiba Mobile PC Service) - c:\windows\system32\drivers\nbsmi.sys <Not Verified; Toshiba Corporation; Toshiba Notebook PC SMI Service>

    S3 snpstd (TRUST 120 SPACEC@M) - c:\windows\system32\drivers\snpstd.sys <Not Verified; ; PC Camera driver>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>


    -- Scheduled Tasks -------------------------------------------------------------

    2007-05-30 20:20:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


    -- Files created between 2007-04-30 and 2007-05-31 -----------------------------

    2007-05-30 13:42:22 0 d-------- C:\Documents and Settings\user\Application Data\Microgaming
    2007-05-30 13:42:06 0 d-------- C:\WINDOWS\system32\FlashAX
    2007-05-27 16:28:46 0 d-------- C:\Program Files\QuickTime
    2007-05-26 19:18:31 0 d-------- C:\Documents and Settings\user\Application Data\pdf995
    2007-05-26 19:16:35 118784 --a------ C:\WINDOWS\system32\pdfmona.dll
    2007-05-26 19:16:35 51716 --a------ C:\WINDOWS\system32\pdf995mon.dll
    2007-05-26 19:16:35 0 d-------- C:\Documents and Settings\All Users\Application Data\pdf995
    2007-05-26 19:12:57 0 d------c- C:\pdf995
    2007-05-26 12:06:32 0 d-------- C:\WINDOWS\system32\CatRoot2
    2007-05-10 18:04:03 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-05-08 19:16:21 0 d-------- C:\Documents and Settings\user\Application Data\AVG7
    2007-05-08 19:16:04 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-05-08 19:15:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-05-08 19:15:37 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7


    -- Find3M Report ---------------------------------------------------------------

    2007-05-31 23:14:16 0 d-------- C:\Program Files\HJT
    2007-05-31 08:02:22 0 d-------- C:\Program Files\Winamp
    2007-05-28 09:39:31 0 d-------- C:\Documents and Settings\user\Application Data\Skype
    2007-05-28 09:38:13 0 d-------- C:\Program Files\Java
    2007-05-27 16:27:58 0 d-------- C:\Program Files\Apple Software Update
    2007-05-21 08:54:03 0 d-------- C:\Program Files\MSN Messenger
    2007-05-21 08:54:03 0 d-------- C:\Program Files\Messenger Plus! Live
    2007-05-15 16:06:33 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
    2007-04-30 16:13:52 0 d-------- C:\Program Files\EvilLyrics
    2007-04-05 14:04:00 0 d-------- C:\Program Files\Google
    2007-03-25 10:31:13 465696 --a------ C:\WINDOWS\system32\perfh013.dat
    2007-03-25 10:31:12 81210 --a------ C:\WINDOWS\system32\perfc013.dat


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "AGRSMMSG"="AGRSMMSG.exe"
    "SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "TPSMain"="TPSMain.exe"
    "THotkey"="C:\\Program Files\\Toshiba\\Toshiba Applet\\thotkey.exe"
    "SmoothView"="C:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe"
    "PadTouch"="\"C:\\Program Files\\TOSHIBA\\PadTouch\\PadExe.exe"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
    "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc. exe /STARTUP"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run]
    "toscdspd"="C:\\Program Files\\Toshiba\\Toscdspd\\TOSCDSPD.EXE"

    [HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EX E"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ \0scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Adobe Reader Snelle start.lnk"
    "backup"="C:\\WINDOWS\\pss\\Adobe Reader Snelle start.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader \\READER~1.EXE "
    "item"="Adobe Reader Snelle start"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^NkvMon.exe.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\NkvMon.exe.lnk"
    "backup"="C:\\WINDOWS\\pss\\NkvMon.exe.lnkComm on Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Nikon\\NkView6\\NkvMon.ex e "
    "item"="NkvMon.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
    "item"="BJPSMAIN"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnph ost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0


    [HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{8b7943f2-993f-11db-b479-00134678f477}]
    Shell\AutoRun\command F:\LaunchU3.exe -a


    -- End of Deckard's System Scanner: finished at 2007-05-31 at 23:14:57 ---------

  5. #15
    Expert  
    Geregistreerd
    22 February 2007
    Locatie
    Wijk bij Duurstede
    Berichten
    678
    Bedankjes
    39
    Bedankt
    101 keer in 99 posts
    1. Open HijackThis
    2. Klik op 'Config'
    3. Klik op 'Misc Tools'
    4. Zet een vinkje in 'List also minor sections (full)'
    5. Klik op 'Generate StartupList log'
    6. Klik op 'Ja' om de log te maken
    7. Het StartupList log wordt nu weergegeven in je kladblok.
    8. Druk (op je toetsenbord) achtereenvolgens op ctrl+a en ctrl+c om de gehele tekst te selecteren.
    9. Plaats het log hier dmv toetsen ctrl+v

  6. #16
    Up-to-date  
    Geregistreerd
    1 September 2005
    Berichten
    73
    Bedankjes
    4
    Bedankt
    0 keer in 0 posts
    StartupList report, 2/06/2007, 9:40:00
    StartupList version: 1.52.2
    Started from : C:\Program Files\HJT\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
    C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Toshiba\Toscdspd\TOSCDSPD.EXE
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HJT\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
    Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    Microsoft Office OneNote 2003 Snel Starten.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    AGRSMMSG = AGRSMMSG.exe
    SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    TPSMain = TPSMain.exe
    THotkey = C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    SmoothView = C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
    PadTouch = "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
    Logitech Hardware Abstraction Layer = KHALMNPR.EXE
    {0228e555-4f9c-4e35-a3ec-b109a192b4c2} = C:\Program Files\Google\Gmail Notifier\gnotify.exe
    AVG7_CC = C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    toscdspd = C:\Program Files\Toshiba\Toscdspd\TOSCDSPD.EXE

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    AppleSoftwareUpdate.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [Checkers Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
    CODEBASE = http://messenger.zone.msn.com/binary...r.cab31267.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
    CODEBASE = http://messenger.zone.msn.com/binary...t.cab31267.cab

    [Shockwave ActiveX Control]
    InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
    CODEBASE = http://download.macromedia.com/pub/s...irector/sw.cab

    [Windows Genuine Advantage Validation Tool]
    InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll
    CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/downlo...22/wmv9VCM.CAB

    [LinkedIn ContactFinderControl]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\LINKED~1.DLL
    CODEBASE = http://www.linkedin.com/cab/LinkedIn...derControl.cab

    [MUWebControl Class]
    InProcServer32 = C:\WINDOWS\system32\muweb.dll
    CODEBASE = http://update.microsoft.com/microsof...?1123996397609

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
    CODEBASE = http://messenger.zone.msn.com/binary...t.cab31267.cab

    [ZoneAxRcMgr Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZAxRcMgr.ocx
    CODEBASE = http://messenger.zone.msn.com/binary/ZAxRcMgr.cab

    [MSN Games - Installer]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
    CODEBASE = http://messenger.zone.msn.com/binary...o.cab56649.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MessengerStatsPAClient.dll
    CODEBASE = http://messenger.zone.msn.com/binary...t.cab56907.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
    CODEBASE = http://download.macromedia.com/pub/s...sh/swflash.cab

    [Persits Software XUpload]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\XUpload.ocx
    CODEBASE = http://asp05.photoprintit.de/microsi...ex/XUpload.ocx

    [Solitaire Showdown Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll
    CODEBASE = http://messenger.zone.msn.com/binary...n.cab31267.cab

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (autostart)
    AVG7 Update Service: C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (autostart)
    AVG E-mail Scanner: C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (autostart)
    AVG Network Redirector: \SystemRoot\System32\Drivers\avgtdi.sys (autostart)
    Intelligente achtergrondsoverdrachtservice: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    ConfigFree Service: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (autostart)
    Services voor cryptografie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    Help en ondersteuning: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    IrDA Protocol: System32\DRIVERS\irda.sys (autostart)
    Infraroodmonitor: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    TOSHIBA Network Device Usermode I/O Protocol: System32\DRIVERS\netdevio.sys (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC-services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows Firewall (WF) / Internet-verbinding delen (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore-service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Thema's: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
    Uploadbeheer: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Universele Plug en Play-apparaathost: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Automatische updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration-service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll

    --------------------------------------------------
    End of report, 14.036 bytes
    Report generated in 0,406 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only

  7. #17
    Expert  
    Geregistreerd
    22 February 2007
    Locatie
    Wijk bij Duurstede
    Berichten
    678
    Bedankjes
    39
    Bedankt
    101 keer in 99 posts
    Hoi Yort,

    Ik kan geen problemen vinden in je logfile :S. Hoe is het inmiddels met je problemen, mochten deze nog aanwezig zijn geef even een duidelijke omschrijving a.u.b.

    Pim

  8. De volgende gebruiker bedankt DJ Inpossible voor deze nuttige post:

    Yort ( 3 June 2007)

  9. #18
    Up-to-date  
    Geregistreerd
    1 September 2005
    Berichten
    73
    Bedankjes
    4
    Bedankt
    0 keer in 0 posts
    Citaat Oorspronkelijk geplaatst door DJ Inpossible Bekijk bericht
    Hoi Yort,

    Ik kan geen problemen vinden in je logfile :S. Hoe is het inmiddels met je problemen, mochten deze nog aanwezig zijn geef even een duidelijke omschrijving a.u.b.

    Pim
    Dag Pim,

    M'n problemen lijken (voorlopig) uit de baan. Moesten die toch nog opduiken, dan laat ik dat weten. Heel erg bedankt voor de moeite en tijd!!

    Groet,
    Yort

  10. #19
    Expert  
    Geregistreerd
    22 February 2007
    Locatie
    Wijk bij Duurstede
    Berichten
    678
    Bedankjes
    39
    Bedankt
    101 keer in 99 posts
    Graag gedaan

    Misschien staat hier nog iets tussen wat je niet wist, erg intressant qua beveiliging:
    http://www.jawwi.nl/nederlands/tips/...eveiligen.html
    Laatst gewijzigd door DJ Inpossible; 3 June 2007 om 20:42

Discussie informatie

Users Browsing this Thread

Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)

Soortgelijke discussies

  1. Reacties: 7
    Laatste bericht: 11 October 2006, 14:50
  2. naam van kind "voor" foto ipv "erachter
    Door creature2you in forum Grafisch algemeen
    Reacties: 15
    Laatste bericht: 3 April 2006, 18:15
  3. Creative Muvo "tx Se" Of "v200" 1gb
    Door vampie in forum PC-randapparatuur en andere PC-hardware
    Reacties: 0
    Laatste bericht: 3 December 2005, 16:25
  4. "Neovo F417BS 17"" TFT zw/zil (12ms) - 3 j on-site - BESTE KOOP PC Magazine!"
    Door eventure in forum PC-randapparatuur en andere PC-hardware
    Reacties: 1
    Laatste bericht: 24 November 2005, 12:45

Favorieten/bladwijzers

Favorieten/bladwijzers

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •