Pagina 1 van 2 12 LaatsteLaatste
Weergegeven resultaten: 1 t/m 10 van 17
  1. #1
    Up-to-date  
    Geregistreerd
    21 November 2007
    Berichten
    46
    Bedankjes
    3
    Bedankt
    0 keer in 0 posts

    ' Ad served by context tool' probleem

    Hey ik heb al een lange tijd een probleem ,
    Als ik aan het surfen ben of aan het gamen springt er opeens een venster op met reclame dinge.
    Die moet ik dan weg klikken en dan verschijnt er in de rechter hoek een verschijnt er dan een klein bannertje en daar staat op Ad served by context tool.
    Ik ben niet zo goed met computers dus ik zou graag een duidelijk uitleg willen =P
    Mijn log :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:33:07, on 21-11-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Windows CE Services\DCCMAN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    C:\Program Files\MD40323\ICON.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\RegClean\RegClean.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\System32\Rundll32.exe
    C:\Program Files\Xfire\xfire.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gunz.ijji.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O1 - Hosts: 75.67.92.226 paypal.com
    O1 - Hosts: 75.67.92.226 www.paypal.com
    O1 - Hosts: 75.67.92.226 http://paypal.com
    O1 - Hosts: 75.67.92.226 http://www.paypal.com
    O1 - Hosts: 75.67.92.226 paypal.co.uk
    O1 - Hosts: 75.67.92.226 www.paypal.co.uk
    O1 - Hosts: 75.67.92.226 http://paypal.co.uk
    O1 - Hosts: 75.67.92.226 http://www.paypal.co.uk
    O2 - BHO: (no name) - rsion - (no file)
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {9C8A568E-4201-478a-8536-526CF371D2E2} - (no file)
    O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [H/PC Connection Agent] "C:\Program Files\Windows CE Services\DCCMAN.EXE"
    O4 - HKLM\..\Run: [RegClean] "C:\Program Files\RegClean\RegClean.exe" -boot
    O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
    O4 - HKLM\..\RunOnce: [SpybotDeletingA1866] command /c del "C:\WINDOWS\system32\dwdsrngt.exe_tobedeleted"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC337] cmd /c del "C:\WINDOWS\system32\dwdsrngt.exe_tobedeleted"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: 2Mega Camera Manager Monitor.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com/nl/
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1127411100421
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disten...fyLauncher.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/game...lugin10USA.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    --
    End of file - 10066 bytes
    Weet iemand een oplossing voor dit probleem?
    Bij voorbaat bedankt MvG Gilian

  2. #2
    Erelid   Juisterr's schermafbeelding
    Geregistreerd
    31 July 2006
    Locatie
    kotje aan de kust
    Berichten
    3.653
    Bedankjes
    1.008
    Bedankt
    2.268 keer in 1.411 posts
    Download: RVAXO.exe
    Sla het bestand op je bureaublad op, daarna mag je het dubbelklikken.
    Je kunt het programma laten uitpakken naar je bureaublad.
    Open nu de map RVAXO op je bureaublad en dubbelklik RVAXO.cmd
    Er zal een schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze zijn werk doen.
    Daarna zal je PC herstarten, na de herstart opent het venster van RVAXO opnieuw.
    Laat deze lopen en wacht tot er een logfile opent.
    Deze is eventueel ook hier te vinden: C:\RVAXO-results.log
    Post de inhoud in je volgende bericht tesamen met een nieuw logje van HijackThis.

    Herstarte je PC niet?

    Laat RVAXO nog een keer lopen en post dan het nieuwe logje: C:\rvaxo-results.log
    "
    "

  3. #3
    Up-to-date  
    Geregistreerd
    21 November 2007
    Berichten
    46
    Bedankjes
    3
    Bedankt
    0 keer in 0 posts
    Dit is er uit gekomen :
    RVAXO logje :
    ----------------RVAXO.exe first run-------------
    ----------------RVAXO.exe first run-------------

    Files found:

    C:\WINDOWS\system32\_000026_.tmp.dll
    C:\WINDOWS\system32\rightonadz-uninst.exe
    C:\WINDOWS\exploeee.exe
    C:\WINDOWS\system32\adssite-remove.exe
    C:\WINDOWS\system32\gzmrot-uninst.exe
    C:\WINDOWS\system32\gzmrotate.dll
    C:\WINDOWS\system32\ijjiSetup.exe
    C:\install.dat

    Uninstallers Rogue scanners:


    Folders Found:

    C:\Documents and Settings\rob\application data\Adssite Advanced Toolbar
    C:\Program Files\Adssite Advanced Toolbar
    C:\Documents and Settings\All Users\Application Data\SalesMonitor
    C:\Program Files\Common Files\DokterFix
    C:\Documents and Settings\rob\Application Data\DokterFix

    Hosts-file was reset, If you use a custom hosts file please replace it...

    --------------RVAXO.exe last run---------------

    Files found:

    Folders Found:

    --------------RVAXO.exe finished----------------
    En dit is het logje van hijackthis :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:35:08, on 22-11-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Windows CE Services\DCCMAN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    C:\Program Files\MD40323\ICON.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    C:\Program Files\Xfire\xfire.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\HPZinw12.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gunz.ijji.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: (no name) - rsion - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [H/PC Connection Agent] "C:\Program Files\Windows CE Services\DCCMAN.EXE"
    O4 - HKLM\..\Run: [RegClean] "C:\Program Files\RegClean\RegClean.exe" -boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: 2Mega Camera Manager Monitor.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com/nl/
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1127411100421
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disten...fyLauncher.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/game...lugin10USA.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

    --
    End of file - 9038 bytes
    Wat moet ik nu doen en bedankt voor je tijd!

    Groetjes Gilian

  4. #4
    Erelid   Juisterr's schermafbeelding
    Geregistreerd
    31 July 2006
    Locatie
    kotje aan de kust
    Berichten
    3.653
    Bedankjes
    1.008
    Bedankt
    2.268 keer in 1.411 posts
    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    O2 - BHO: (no name) - rsion - (no file)
    O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)

    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Download Combofix naar je Bureaublad.
    Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

    OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
    • Dubbelklik op Combofix.exe
      Volg de instructies, aanvaard de disclaimer door 1 (continue) te typen, gevolgd door ENTER.
      Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

    Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
    Plaats deze log in je volgende post samen met een nieuw HijackThis log.
    "
    "

  5. De volgende gebruiker bedankt Juisterr voor deze nuttige post:

    Frostie (22 November 2007)

  6. #5
    Up-to-date  
    Geregistreerd
    21 November 2007
    Berichten
    46
    Bedankjes
    3
    Bedankt
    0 keer in 0 posts
    Oke dit is mijn resultaat
    Combofix logje :
    ComboFix 07-11-19.3 - rob 2007-11-22 18:17:55.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.763 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\rob\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Gil\Menu Start\Programma's\Opstarten\ta_start.lnk
    C:\Documents and Settings\Gil\Menu Start\Programma's\Opstarten\think-adz.lnk
    C:\Program Files\webhancer
    C:\setup.exe
    C:\WINDOWS\system32\nsa13C3.dll
    C:\WINDOWS\system32\nsw61.dll
    C:\WINDOWS\system32\nsy97B.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_FMTR


    (((((((((((((((((((( Bestanden Gemaakt van 2007-10-22 to 2007-11-22 ))))))))))))))))))))))))))))))
    .

    2007-11-22 17:31 <DIR> d-------- C:\RVAXO
    2007-11-22 17:19 457,493 --a------ C:\WINDOWS\system32\RVAXO.bat
    2007-11-22 17:19 69,632 --a------ C:\WINDOWS\system32\remove.exe
    2007-11-21 18:31 <DIR> d-------- C:\Program Files\Trend Micro
    2007-11-21 10:01 <DIR> dr-h----- C:\Documents and Settings\rob\Onlangs geopend
    2007-11-20 18:39 <DIR> d-------- C:\Documents and Settings\rob\Application Data\RegistrySmart
    2007-11-20 16:51 <DIR> d-------- C:\Program Files\PcMedik
    2007-11-18 14:01 2,560 --a------ C:\WINDOWS\system32\drivers\mchInjDrv.sys
    2007-11-18 12:57 <DIR> dr------- C:\Documents and Settings\All Users\Application Data\dokterfix
    2007-11-17 19:00 <DIR> d-------- C:\Program Files\LimeWire
    2007-11-16 17:43 <DIR> d--hs---- C:\UGA6PM
    2007-11-16 17:43 <DIR> d-------- C:\Documents and Settings\rob\Application Data\AntiVirusScherm
    2007-11-16 17:42 <DIR> d-------- C:\Program Files\Common Files\AntiVirusScherm
    2007-11-16 17:42 <DIR> d-------- C:\Program Files\AntiVirusScherm
    2007-11-16 17:42 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
    2007-11-16 16:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Banner Maker Pro 7
    2007-11-12 17:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\IJJIGame
    2007-11-11 20:26 1,156 --a------ C:\WINDOWS\mozver.dat
    2007-11-11 20:22 0 --a------ C:\WINDOWS\nsreg.dat
    2007-11-11 09:22 <DIR> d-------- C:\Game Recordings
    2007-11-05 17:30 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
    2007-10-29 16:20 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
    2007-10-28 11:56 <DIR> d-------- C:\Program Files\MSBuild
    2007-10-28 11:52 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
    2007-10-28 11:50 <DIR> d-------- C:\Program Files\Reference Assemblies
    2007-10-28 11:49 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
    2007-10-28 11:32 <DIR> d-------- C:\Program Files\MSXML 6.0
    2007-10-28 08:30 5,329 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2007-11-22 17:13 --------- d-----w C:\Documents and Settings\rob\Application Data\uTorrent
    2007-11-22 17:08 --------- d-----w C:\Documents and Settings\rob\Application Data\Xfire
    2007-11-22 16:08 --------- d-----w C:\Documents and Settings\rob\Application Data\AVG7
    2007-11-21 17:23 --------- d-----w C:\Documents and Settings\rob\Application Data\RegClean
    2007-11-21 14:45 --------- d-----w C:\Program Files\Lavasoft
    2007-11-21 11:00 --------- d-----w C:\Program Files\Hitman Pro
    2007-11-21 10:53 --------- d-----w C:\Program Files\Spyware Doctor
    2007-11-21 09:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-11-21 06:06 --------- d-s---w C:\Program Files\Xfire
    2007-11-20 18:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Prevx
    2007-11-20 17:14 --------- d-----w C:\Documents and Settings\rob\Application Data\Lavasoft
    2007-11-18 11:37 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2007-11-17 18:02 --------- d-----w C:\Documents and Settings\rob\Application Data\LimeWire
    2007-11-17 18:00 --------- d-----w C:\Documents and Settings\rob\Application Data\BitTorrent
    2007-11-13 15:12 --------- d--h--w C:\Documents and Settings\rob\Application Data\ijjigame
    2007-11-11 08:14 --------- d-----w C:\Documents and Settings\Gil\Application Data\AVG7
    2007-11-10 11:46 --------- d-----w C:\Program Files\Windows Live Safety Center
    2007-11-07 18:14 --------- d-----w C:\Program Files\Sony
    2007-11-07 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
    2007-10-28 10:43 --------- d-----w C:\Documents and Settings\rob\Application Data\Sony Setup
    2007-10-28 10:33 --------- d-----w C:\Program Files\Microsoft.NET
    2007-10-28 10:33 --------- d-----w C:\Program Files\Microsoft SQL Server
    2007-10-28 10:27 --------- d-----w C:\Program Files\Sony Setup
    2007-10-28 07:31 --------- d-----w C:\Program Files\Java
    2007-10-15 16:49 --------- d-----w C:\Documents and Settings\rob\Application Data\teamspeak2
    2007-10-14 13:52 --------- d-----w C:\Documents and Settings\Gast\Application Data\RegClean
    2007-10-14 13:52 --------- d-----w C:\Documents and Settings\Gast\Application Data\AVG7
    2007-10-13 15:29 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
    2007-10-13 15:29 --------- d-----w C:\Program Files\Common Files\Adobe
    2007-10-13 15:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2007-10-13 12:05 --------- d-----w C:\Program Files\uTorrent
    2007-10-13 11:54 --------- d-----w C:\Program Files\PSCS2
    2007-10-13 11:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-10-13 11:49 --------- d-----w C:\Documents and Settings\rob\Application Data\AdobeUM
    2007-10-13 11:49 --------- d-----w C:\Documents and Settings\rob\Application Data\AdobeAUM
    2007-10-07 12:26 --------- d-----w C:\Program Files\Teamspeak2_RC2
    2007-10-02 17:44 242 ----a-w C:\WINDOWS\Fonts\Necropsy.txt
    2007-10-01 09:16 --------- d-----w C:\Program Files\SpywareBlaster
    2007-09-30 10:42 --------- d-----w C:\Program Files\Google
    2007-09-22 20:25 --------- d-----w C:\Documents and Settings\Gil\Application Data\LimeWire
    2007-09-22 17:04 --------- d-----w C:\Documents and Settings\Gil\Application Data\Xfire
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-06-16 13:02]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 14:49]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-28 08:24]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
    "H/PC Connection Agent"="C:\Program Files\Windows CE Services\DCCMAN.EXE" [1998-09-16 21:40]
    "RegClean"="C:\Program Files\RegClean\RegClean.exe" [2007-08-15 22:50]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-28 08:25]

    C:\Documents and Settings\rob\Menu Start\Programma's\Opstarten\
    Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2007-11-15 02:00:40]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    2Mega Camera Manager Monitor.lnk - C:\Program Files\MD40323\ICON.EXE [2005-10-04 08:43:53]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 18:28:24]
    IEEE 802.11g USB Wireless LAN Utility.lnk - C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe [2004-06-20 09:41:04]
    Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 18:50:52]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
    "NoResolveSearch"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Acrobat Assistant.lnk
    backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Digital Image Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Digital Image Monitor.lnk
    backup=C:\WINDOWS\pss\Digital Image Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus Organizer EasyClip.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus Organizer EasyClip.lnk
    backup=C:\WINDOWS\pss\Lotus Organizer EasyClip.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus QuickStart.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus QuickStart.lnk
    backup=C:\WINDOWS\pss\Lotus QuickStart.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus SmartCenter.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus SmartCenter.lnk
    backup=C:\WINDOWS\pss\Lotus SmartCenter.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus SuiteStart.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus SuiteStart.lnk
    backup=C:\WINDOWS\pss\Lotus SuiteStart.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\WinZip Quick Pick.lnk
    backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^rob^Menu Start^Programma's^Opstarten^SpywareGuard.lnk]
    path=C:\Documents and Settings\rob\Menu Start\Programma's\Opstarten\SpywareGuard.lnk
    backup=C:\WINDOWS\pss\SpywareGuard.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^rob^Menu Start^Programma's^Opstarten^Xfire.lnk]
    path=C:\Documents and Settings\rob\Menu Start\Programma's\Opstarten\Xfire.lnk
    backup=C:\WINDOWS\pss\Xfire.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
    C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLSID]
    C:\WINDOWS\System32\dll.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
    C:\Program Files\Free Download Manager\fdm.exe -autorun

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyBlocs]
    C:\Program Files\SpyBlocs\SpyBlocs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
    C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
    C:\Program Files\VoipCheapCom\VoipCheapCom.exe -nosplash -minimized

    R1 mchInjDrv;madCodeHook DLL injection driver;\??\C:\WINDOWS\system32\Drivers\mchInjDrv.s ys
    R2 LogWatch;Event Log Watch;C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
    R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys
    R3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\System32\ZDPNDIS5.SYS
    S3 CA_LIC_CLNT;CA License Client;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    S3 CA_LIC_SRVR;CA License Server;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys
    S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSONY_MEDIAMGR2
    S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys
    S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys
    S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys
    S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys
    S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys
    S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-11-22 17:29:08 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job"
    - C:\Program Files\RegClean\RegClean.exe
    "2007-11-20 17:40:11 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
    - C:\Program Files\RegistrySmart\RegistrySmart.exe
    - C:\Program Files\RegistrySmart
    .
    ************************************************** ************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-22 18:29:26
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    ************************************************** ************************
    .
    Voltooingstijd: 2007-11-22 18:32:58 - machine was rebooted
    .
    --- E O F ---






    En mn hijackthis logje :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:36:55, on 22-11-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Windows CE Services\DCCMAN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    C:\Program Files\MD40323\ICON.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gunz.ijji.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [H/PC Connection Agent] "C:\Program Files\Windows CE Services\DCCMAN.EXE"
    O4 - HKLM\..\Run: [RegClean] "C:\Program Files\RegClean\RegClean.exe" -boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: 2Mega Camera Manager Monitor.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com/nl/
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1127411100421
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disten...fyLauncher.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/game...lugin10USA.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

    --
    End of file - 8750 bytes

  7. #6
    Erelid   Juisterr's schermafbeelding
    Geregistreerd
    31 July 2006
    Locatie
    kotje aan de kust
    Berichten
    3.653
    Bedankjes
    1.008
    Bedankt
    2.268 keer in 1.411 posts
    Open Kladblok, kopiëer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster:

    • File::
      C:\WINDOWS\System32\dll.exe

      Registry::
      [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLSID]



    Sla dit op op je Bureaublad als CFScript.txt.

    Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



    Dit zal ComboFix doen herstarten.

    Na het herstarten van je computer, (indien het vraagt om te herstarten), kopieer en plak de inhoud van Combofix.txt in je volgende antwoord.
    "
    "

  8. #7
    Up-to-date  
    Geregistreerd
    21 November 2007
    Berichten
    46
    Bedankjes
    3
    Bedankt
    0 keer in 0 posts
    Combofix logje :
    ComboFix 07-11-19.3 - rob 2007-11-22 18:53:43.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.797 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\rob\Bureaublad\ComboFix.exe
    Command switches used :: C:\Documents and Settings\rob\Bureaublad\CFScript.txt
    * Nieuw herstelpunt werd aangemaakt

    FILE
    C:\WINDOWS\System32\dll.exe
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2007-10-22 to 2007-11-22 ))))))))))))))))))))))))))))))
    .

    2007-11-22 17:31 <DIR> d-------- C:\RVAXO
    2007-11-22 17:19 457,493 --a------ C:\WINDOWS\system32\RVAXO.bat
    2007-11-22 17:19 69,632 --a------ C:\WINDOWS\system32\remove.exe
    2007-11-21 18:31 <DIR> d-------- C:\Program Files\Trend Micro
    2007-11-21 10:01 <DIR> dr-h----- C:\Documents and Settings\rob\Onlangs geopend
    2007-11-20 18:39 <DIR> d-------- C:\Documents and Settings\rob\Application Data\RegistrySmart
    2007-11-20 16:51 <DIR> d-------- C:\Program Files\PcMedik
    2007-11-18 14:01 2,560 --a------ C:\WINDOWS\system32\drivers\mchInjDrv.sys
    2007-11-18 12:57 <DIR> dr------- C:\Documents and Settings\All Users\Application Data\dokterfix
    2007-11-17 19:00 <DIR> d-------- C:\Program Files\LimeWire
    2007-11-16 17:43 <DIR> d--hs---- C:\UGA6PM
    2007-11-16 17:43 <DIR> d-------- C:\Documents and Settings\rob\Application Data\AntiVirusScherm
    2007-11-16 17:42 <DIR> d-------- C:\Program Files\Common Files\AntiVirusScherm
    2007-11-16 17:42 <DIR> d-------- C:\Program Files\AntiVirusScherm
    2007-11-16 17:42 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
    2007-11-16 16:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Banner Maker Pro 7
    2007-11-12 17:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\IJJIGame
    2007-11-11 20:26 1,156 --a------ C:\WINDOWS\mozver.dat
    2007-11-11 20:22 0 --a------ C:\WINDOWS\nsreg.dat
    2007-11-11 09:22 <DIR> d-------- C:\Game Recordings
    2007-11-05 17:30 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
    2007-10-29 16:20 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
    2007-10-28 11:56 <DIR> d-------- C:\Program Files\MSBuild
    2007-10-28 11:52 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
    2007-10-28 11:50 <DIR> d-------- C:\Program Files\Reference Assemblies
    2007-10-28 11:49 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
    2007-10-28 11:32 <DIR> d-------- C:\Program Files\MSXML 6.0
    2007-10-28 08:30 5,329 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2007-11-22 17:31 --------- d-----w C:\Documents and Settings\rob\Application Data\Xfire
    2007-11-22 17:13 --------- d-----w C:\Documents and Settings\rob\Application Data\uTorrent
    2007-11-22 16:08 --------- d-----w C:\Documents and Settings\rob\Application Data\AVG7
    2007-11-21 17:23 --------- d-----w C:\Documents and Settings\rob\Application Data\RegClean
    2007-11-21 14:45 --------- d-----w C:\Program Files\Lavasoft
    2007-11-21 11:00 --------- d-----w C:\Program Files\Hitman Pro
    2007-11-21 10:53 --------- d-----w C:\Program Files\Spyware Doctor
    2007-11-21 09:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-11-21 06:06 --------- d-s---w C:\Program Files\Xfire
    2007-11-20 18:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Prevx
    2007-11-20 17:14 --------- d-----w C:\Documents and Settings\rob\Application Data\Lavasoft
    2007-11-18 11:37 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2007-11-17 18:02 --------- d-----w C:\Documents and Settings\rob\Application Data\LimeWire
    2007-11-17 18:00 --------- d-----w C:\Documents and Settings\rob\Application Data\BitTorrent
    2007-11-13 15:12 --------- d--h--w C:\Documents and Settings\rob\Application Data\ijjigame
    2007-11-11 08:14 --------- d-----w C:\Documents and Settings\Gil\Application Data\AVG7
    2007-11-10 11:46 --------- d-----w C:\Program Files\Windows Live Safety Center
    2007-11-07 18:14 --------- d-----w C:\Program Files\Sony
    2007-11-07 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
    2007-10-28 10:43 --------- d-----w C:\Documents and Settings\rob\Application Data\Sony Setup
    2007-10-28 10:33 --------- d-----w C:\Program Files\Microsoft.NET
    2007-10-28 10:33 --------- d-----w C:\Program Files\Microsoft SQL Server
    2007-10-28 10:27 --------- d-----w C:\Program Files\Sony Setup
    2007-10-28 07:31 --------- d-----w C:\Program Files\Java
    2007-10-15 16:49 --------- d-----w C:\Documents and Settings\rob\Application Data\teamspeak2
    2007-10-14 13:52 --------- d-----w C:\Documents and Settings\Gast\Application Data\RegClean
    2007-10-14 13:52 --------- d-----w C:\Documents and Settings\Gast\Application Data\AVG7
    2007-10-13 15:29 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
    2007-10-13 15:29 --------- d-----w C:\Program Files\Common Files\Adobe
    2007-10-13 15:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2007-10-13 12:05 --------- d-----w C:\Program Files\uTorrent
    2007-10-13 11:54 --------- d-----w C:\Program Files\PSCS2
    2007-10-13 11:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-10-13 11:49 --------- d-----w C:\Documents and Settings\rob\Application Data\AdobeUM
    2007-10-13 11:49 --------- d-----w C:\Documents and Settings\rob\Application Data\AdobeAUM
    2007-10-07 12:26 --------- d-----w C:\Program Files\Teamspeak2_RC2
    2007-10-02 17:44 242 ----a-w C:\WINDOWS\Fonts\Necropsy.txt
    2007-10-01 09:16 --------- d-----w C:\Program Files\SpywareBlaster
    2007-09-30 10:42 --------- d-----w C:\Program Files\Google
    2007-09-22 20:25 --------- d-----w C:\Documents and Settings\Gil\Application Data\LimeWire
    2007-09-22 17:04 --------- d-----w C:\Documents and Settings\Gil\Application Data\Xfire
    1998-08-24 10:09 10,000 ----a-w C:\WINDOWS\inf\unregpn.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-06-16 13:02]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 14:49]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-28 08:24]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
    "H/PC Connection Agent"="C:\Program Files\Windows CE Services\DCCMAN.EXE" [1998-09-16 21:40]
    "RegClean"="C:\Program Files\RegClean\RegClean.exe" [2007-08-15 22:50]
    "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\M SConfig.exe" [2004-08-04 09:03]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-28 08:25]

    C:\Documents and Settings\rob\Menu Start\Programma's\Opstarten\
    Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2007-11-15 02:00:40]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 18:28:24]
    IEEE 802.11g USB Wireless LAN Utility.lnk - C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe [2004-06-20 09:41:04]
    Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 18:50:52]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
    "NoResolveSearch"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^2Mega Camera Manager Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\2Mega Camera Manager Monitor.lnk
    backup=C:\WINDOWS\pss\2Mega Camera Manager Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Acrobat Assistant.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Acrobat Assistant.lnk
    backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Digital Image Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Digital Image Monitor.lnk
    backup=C:\WINDOWS\pss\Digital Image Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus Organizer EasyClip.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus Organizer EasyClip.lnk
    backup=C:\WINDOWS\pss\Lotus Organizer EasyClip.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus QuickStart.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus QuickStart.lnk
    backup=C:\WINDOWS\pss\Lotus QuickStart.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus SmartCenter.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus SmartCenter.lnk
    backup=C:\WINDOWS\pss\Lotus SmartCenter.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Lotus SuiteStart.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Lotus SuiteStart.lnk
    backup=C:\WINDOWS\pss\Lotus SuiteStart.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\WinZip Quick Pick.lnk
    backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^rob^Menu Start^Programma's^Opstarten^SpywareGuard.lnk]
    path=C:\Documents and Settings\rob\Menu Start\Programma's\Opstarten\SpywareGuard.lnk
    backup=C:\WINDOWS\pss\SpywareGuard.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^rob^Menu Start^Programma's^Opstarten^Xfire.lnk]
    path=C:\Documents and Settings\rob\Menu Start\Programma's\Opstarten\Xfire.lnk
    backup=C:\WINDOWS\pss\Xfire.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
    C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
    C:\Program Files\Free Download Manager\fdm.exe -autorun

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyBlocs]
    C:\Program Files\SpyBlocs\SpyBlocs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
    C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
    C:\Program Files\VoipCheapCom\VoipCheapCom.exe -nosplash -minimized

    R1 mchInjDrv;madCodeHook DLL injection driver;\??\C:\WINDOWS\system32\Drivers\mchInjDrv.s ys
    R2 LogWatch;Event Log Watch;C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
    R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys
    R3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\System32\ZDPNDIS5.SYS
    S3 CA_LIC_CLNT;CA License Client;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    S3 CA_LIC_SRVR;CA License Server;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys
    S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSONY_MEDIAMGR2
    S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys
    S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys
    S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys
    S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys
    S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys
    S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-11-22 17:29:08 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job"
    - C:\Program Files\RegClean\RegClean.exe
    "2007-11-20 17:40:11 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
    - C:\Program Files\RegistrySmart\RegistrySmart.exe
    - C:\Program Files\RegistrySmart
    .
    ************************************************** ************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-22 18:56:24
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    ************************************************** ************************
    .
    Voltooingstijd: 2007-11-22 18:57:30
    C:\ComboFix2.txt ... 2007-11-22 18:32
    .
    --- E O F ---


    Geen hijackthis logje?

    Bedankt voor je hulp tot nu toe!

    Gilian

  9. #8
    Erelid   Juisterr's schermafbeelding
    Geregistreerd
    31 July 2006
    Locatie
    kotje aan de kust
    Berichten
    3.653
    Bedankjes
    1.008
    Bedankt
    2.268 keer in 1.411 posts
    geen logje tuurlijk wel aub.

    Graag een nieuw HJT logje en vertel even hoe het nu gaat aub.
    "
    "

  10. #9
    Up-to-date  
    Geregistreerd
    21 November 2007
    Berichten
    46
    Bedankjes
    3
    Bedankt
    0 keer in 0 posts
    Ok dit is het logje van hijacktthis :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:23:04, on 23-11-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Windows CE Services\DCCMAN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    C:\Program Files\Xfire\xfire.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gunz.ijji.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [H/PC Connection Agent] "C:\Program Files\Windows CE Services\DCCMAN.EXE"
    O4 - HKLM\..\Run: [RegClean] "C:\Program Files\RegClean\RegClean.exe" -boot
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: 2Mega Camera Manager Monitor.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com/nl/
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1127411100421
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disten...fyLauncher.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/game...lugin10USA.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

    --
    End of file - 8800 bytes


    Het gaat nu wel goed ik krijg niet meer ad served by context tool aleen is m'n computer wel sloom met opstarte en dingen starten.

    MvG Gilian

  11. #10
    Erelid   Juisterr's schermafbeelding
    Geregistreerd
    31 July 2006
    Locatie
    kotje aan de kust
    Berichten
    3.653
    Bedankjes
    1.008
    Bedankt
    2.268 keer in 1.411 posts
    je logje ziet er toch schoon uit.

    wat is jouw virtueel geheugen ( 512 mb?)
    "
    "

Discussie informatie

Users Browsing this Thread

Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)

Soortgelijke discussies

  1. ad served by context tool
    Door cowboy1 in forum Malware
    Reacties: 2
    Laatste bericht: 6 October 2007, 16:22
  2. Intel Thermal Analysis Tool
    Door Emile.H in forum Processoren, moederborden en geheugen
    Reacties: 2
    Laatste bericht: 7 August 2007, 15:59
  3. Hdd Tool ?
    Door teken in forum Opslagmedia
    Reacties: 12
    Laatste bericht: 7 December 2006, 03:43
  4. ATI-tool
    Door Nammy in forum Grafische kaarten & monitors
    Reacties: 7
    Laatste bericht: 21 August 2006, 22:22
  5. unlocker tool,
    Door siegy in forum Overige software
    Reacties: 3
    Laatste bericht: 26 July 2006, 22:09

Favorieten/bladwijzers

Favorieten/bladwijzers

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •