View full version: HijackThis log for review, please



trebor
12 August 2007, 12:21
I already posted a log on 3 Aug, on Kokki's advice, but have had no reply to it yet. That fault has been fixed, but I am now stuck with something else.
Hello,


I reported the following problems with my internet connection on the Internet forum at minatica; Kokki advised me to also post a HijackThis log because of the following problems.
I have Windows XP Home, no wireless connection, Telenet with modem.
I have already called Telenet, but the modem turns out to be OK.
When I start my PC everything works normally and I can get to Google with Firefox; when I browse to other sites my internet locks up, and when I close Firefox and reopen it I can no longer get a connection. Then I have to restart the PC and the connection is OK again for a while.
When I then try IE 7 I get no connection either.
A few weeks ago I did get an error message from host when starting the PC, but that stopped after a few days.
Should I send a HijackThis log?

On 4 Aug this problem was solved by Kokki.
Kokki, :good:

I downloaded winsockfix and ran it; my internet problems are solved, I think. For now everything is going well.
I also posted a HijackThis log, but I have not had an answer to that yet.

Thanks in advance :bow:

Trebor

12 Aug 2007
Now I have another problem again: when my internet browser (Firefox) is not active, it pops up by itself and I keep getting strange sites that then open.
E.g.:
http://ennkhalil.free.fr/phone/index.html
http://www.pourinfo.on.ma/
http://ennkhalil.free.fr/ccard.html
http://ennkhalil.free.fr/bccard.html
http://topinfo.c.la/

So I would like a HijackThis log reviewed, please.
I had everything scanned with my programs and had everything that was found removed.

Logfile of HijackThis v1.99.1
Scan saved at 12:18:20, on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PC-Checkup\PCCheckUp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\inKline Global\PC Booster\PCBooster.exe
C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe
C:\Windows\system32\isys32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Hoofdgebruiker\Mijn documenten\Allerlei\programmas\Hijack This\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PC-Checkup] "C:\PC-Checkup\PCCheckUp.exe" -mini
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline Global\PC Booster\PCBooster.exe
O4 - HKLM\..\Run: [Advanced WindowsCare V2 Pro] "C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe
O4 - HKLM\..\RunServices: [Microsoft Update Application] npmggavmr.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe"
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184164824703
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1184164811531
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtsp - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spy Emergency Shield Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe

Juisterr
12 August 2007, 14:31
Hi,

We'll try a few things.

Nothing alarming shows up in the log.
Download: RemoveVideoActiveXObject.exe (http://home.hetnet.nl/~stefsmeenk/RemoveVideoActiveXObject.exe)
Save the file to your desktop, then double-click it.
The uninstaller of a rogue scanner may start up; do not close it but let it do its work.

Then restart the PC and double-click RemoveVideoActiveXObject.exe once more.
After that, post the log C:\RVAXO-results.log in your next message together with a new HijackThis log.

trebor
12 August 2007, 15:22
Juisterr,

Ran RemoveVideoActiveXObject as requested
----------------RemoveVideoActiveXObject.exe first run-------------

Files found:

C:\WINDOWS\system32\pstwa.bak1

Uninstallers Rogue scanners:


Folders Found:


--------------RemoveVideoActiveXObject.exe last run---------------

Files found:


Uninstallers Rogue scanners:


Folders Found:

HijackThis log
Logfile of HijackThis v1.99.1
Scan saved at 15:21:22, on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Hoofdgebruiker\Application Data\Microsoft\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PC-Checkup\PCCheckUp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\inKline Global\PC Booster\PCBooster.exe
C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Windows\system32\isys32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Hoofdgebruiker\Mijn documenten\Allerlei\programmas\Hijack This\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PC-Checkup] "C:\PC-Checkup\PCCheckUp.exe" -mini
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline Global\PC Booster\PCBooster.exe
O4 - HKLM\..\Run: [Advanced WindowsCare V2 Pro] "C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe
O4 - HKLM\..\RunServices: [Microsoft Update Application] npmggavmr.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe"
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184164824703
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1184164811531
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtsp - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spy Emergency Shield Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe

Trebor

Juisterr
12 August 2007, 15:57
Hmm,


Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Place it on your desktop.
Double-click it to start the program.
In the screen that appears, type a 1 to have the cleaning and analysis process run.
Follow the instructions on the screen.
When the tool is finished, a log file (combofix.txt) opens.
Post the contents of this file together with a new HijackThis log.

trebor
12 August 2007, 16:21
Juisterr,

Ran ComboFix

ComboFix 07-08-09.3 - "Hoofdgebruiker" 2007-08-12 16:05:20.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.1241 [GMT 2:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_MESPANGER
-------\Mespanger


((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 )))))))))))))))))))))))))))))))


2007-08-12 16:04 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-12 15:10 69,632 --a------ C:\WINDOWS\system32\remove.exe
2007-08-10 16:40 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-08-10 15:02 <DIR> dr-h----- C:\DOCUME~1\HOOFDG~1\Onlangs geopend
2007-08-08 14:50 0 --a------ C:\WINDOWS\system32\Ultra.dll
2007-08-08 14:42 <DIR> d-------- C:\Program Files\Bug Doctor
2007-08-08 14:33 <DIR> d-------- C:\Program Files\TechTracker
2007-08-08 14:33 <DIR> d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\VersionTracker Pro
2007-08-08 13:28 <DIR> d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\Simple Sudoku
2007-08-07 13:16 73,728 --a------ C:\WINDOWS\system32\drivers\SENTINEL.SYS
2007-08-07 13:16 49,664 --a------ C:\WINDOWS\system32\SNTI386.DLL
2007-08-04 16:32 83,024 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-08-04 16:32 57,424 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-08-04 16:32 53,840 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-08-04 16:32 39,376 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
2007-08-04 16:32 29,264 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-08-04 16:32 <DIR> d-------- C:\Program Files\Spyware Doctor
2007-08-04 10:52 186,880 --a------ C:\WINDOWS\comsysapp.pif
2007-08-03 17:55 194 --a------ C:\WINDOWS\system32\RBDELDRV.BAT
2007-08-01 18:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
2007-07-29 17:07 14,528 --a------ C:\WINDOWS\system32\drivers\spyemrg_guard.sys
2007-07-29 17:07 14,016 --a------ C:\WINDOWS\system32\drivers\spyemrg.sys
2007-07-29 17:07 129,856 --a------ C:\WINDOWS\system32\SpyEmergencyCnt.dll
2007-07-29 17:07 <DIR> d-------- C:\Program Files\NETGATE
2007-07-29 17:07 <DIR> d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\Spy Emergency
2007-07-29 17:07 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NETGATE
2007-07-29 12:40 <DIR> d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\SlySoft
2007-07-26 08:38 <DIR> d-------- C:\Program Files\FDRLab
2007-07-21 17:33 <DIR> d-------- C:\Program Files\CCleaner
2007-07-20 12:32 <DIR> dr------- C:\DOCUME~1\NETWOR~1\Favorieten
2007-07-18 15:08 1,379 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
2007-07-18 15:06 3,365 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2007-07-18 14:26 <DIR> d-------- C:\Program Files\inKline Global
2007-07-18 14:11 <DIR> d-------- C:\Program Files\FLVPlayer
2007-07-18 13:50 <DIR> dr------- C:\DOCUME~1\LOCALS~1\Favorieten
2007-07-18 13:33 2,069 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-12 16:07 --------- d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\Azureus
2007-08-10 14:53 --------- d-------- C:\Program Files\SUPERAntiSpyware
2007-08-08 19:46 --------- d-------- C:\Program Files\TuneUp WinStyler
2007-08-08 14:54 --------- d-------- C:\Program Files\SpywareBlaster
2007-08-04 10:52 36604 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2007-08-04 10:52 131072 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2007-08-01 17:26 10841 --a------ C:\WINDOWS\system32\SpoonUninstall-dMC Power Pack.dat
2007-08-01 14:37 --------- d-------- C:\Program Files\IObit
2007-07-29 11:29 737280 --a------ C:\WINDOWS\iun6002.exe
2007-07-29 11:29 --------- d-------- C:\Program Files\FireTune
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-07-18 14:26 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-15 14:25 1198 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP AAC Codec.dat
2007-07-11 16:48 82426 --a------ C:\WINDOWS\system32\perfc013.dat
2007-07-11 16:48 468882 --a------ C:\WINDOWS\system32\perfh013.dat
2007-07-11 13:26 --------- d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\SUPERAntiSpyware.com
2007-07-11 13:25 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-08 14:57 --------- d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\AdobeUM
2007-07-04 14:04 --------- d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\TrojanHunter
2007-07-04 14:00 --------- d-------- C:\Program Files\Lavasoft
2007-07-03 17:14 --------- d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\Lavasoft
2007-07-01 09:16 --------- d-------- C:\DOCUME~1\HOOFDG~1\APPLIC~1\LimeWire
2007-06-08 14:36 51 --a------ C:\WINDOWS\system32\cleartmp.cmd
2007-06-01 16:16 152064 --a------ C:\WINDOWS\system32\isys32.exe
2007-05-23 13:11 2154 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Ogg Vorbis Codec.dat
2007-05-16 17:19 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:19 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:19 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:19 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:19 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:19 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-06 15:44 64512 --ah----- C:\DOCUME~1\HOOFDG~1\APPLIC~1\dach100.dll
2007-03-18 15:29 87608 --a------ C:\DOCUME~1\HOOFDG~1\APPLIC~1\ezpinst.exe
2007-03-18 15:29 47360 --a------ C:\DOCUME~1\HOOFDG~1\APPLIC~1\pcouffin.sys
2006-12-21 18:48:32 56 --sh--r C:\WINDOWS\system32\9AFC748EF3.sys
2006-12-21 18:48:32 3,766 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2006-03-02 12:00:00 125,347 --sh--r C:\WINDOWS\system32\npmggavmr.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 08:27 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="RUNDLL32.exe" [2006-03-02 14:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2006-03-02 14:00 C:\WINDOWS\system32\rundll32.exe]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 23:48]
"Telemeter 3.0"="C:\Program Files\Telemeter 3.0\telemeter3.exe" [2007-04-16 00:38]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"PC-Checkup"="C:\PC-Checkup\PCCheckUp.exe" [2007-03-05 19:45]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45]
"PC Booster"="C:\Program Files\inKline Global\PC Booster\PCBooster.exe" [2006-07-12 14:59]
"Advanced WindowsCare V2 Pro"="C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe" [2006-12-24 12:55]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-06-27 13:54]
"MonAppli"="C:\Windows\system32\isys32.exe" [2007-06-01 16:16]
"ISUSPM Startup"="L:\PROGRA~1\ROXIOE~1\CD1~1\Common\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen 3.5"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2006-07-08 10:57]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-25 22:52]
"SpyEmergency"="C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe" [2007-06-18 17:30]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Microsoft Update Application"=npmggavmr.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"MaxRecentDocs"=0
"NoLowDiskSpaceChecks"=0
"NoInstrumentation"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtsp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 2000 Series.lnk]
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hpoddt01.exe.lnk]
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
"L:\programmas\Roxio easy media creator 8\Cd 1\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
"L:\programmas\Roxio easy media creator 8\Cd 1\Common\Roxio Shared\SharedCOM8\RoxWatchTray.exe"

R1 IKFileFlt;File Filter Driver;C:\WINDOWS\system32\drivers\ikfileflt.sys
R1 IKFileSec;File Security Driver;C:\WINDOWS\system32\drivers\ikfilesec.sys
R1 IkSysFlt;System Filter Driver;C:\WINDOWS\system32\drivers\iksysflt.sys
R1 IKSysSec;System Security Driver;C:\WINDOWS\system32\drivers\iksyssec.sys
R1 SASDIFSV;SASDIFSV;\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
R1 SASKUTIL;SASKUTIL;\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
R1 SpyEmrg;Spy Emergency Driver;C:\WINDOWS\system32\Drivers\spyemrg.sys
R2 NVKEYNT;NVKEYNT;\??\C:\WINDOWS\system32\DRIVERS\NVKEYNT.SYS
R3 ElbyCDFL;ElbyCDFL;C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver;C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
R3 SASENUM;SASENUM;\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
S3 Sntnlusb;Rainbow USB SuperPro;C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service;"C:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe"


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6778F1EE-80BB-4F27-BC69-F91B843782CD}]
C:\Documents and Settings\Hoofdgebruiker\Application Data\Microsoft\cfgmgr.vbs

Contents of the 'Scheduled Tasks' folder
2007-08-10 14:30:01 C:\WINDOWS\Tasks\Advanced WindowsCare V2 Pro.job
2007-08-10 18:00:32 C:\WINDOWS\Tasks\AwcProUpdate.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 16:10:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7B79C13C-1796-6F4B-3C3C-8D649D381CD9}]
"dbelmahkmikdiifcjllhjapahbohofognbloojnf"=hex:69,61,6a,67,65,6c,68,70,68,6b,61,6a,6a,6f,65, 62,62,68,00,00
"cboldajpelnchhminohhmmohbbihgmbjihinpd"=hex:69,61,6a,67,65,6c,68,70,68,6b,61,6a,6a,6f,65, 62,62,68,00,00
"iaelmahkmikdiifcjl"=hex:61,61,00,00
"haoldajpelnchhmi"=hex:61,61,00,00
"iaaofnibjjkijidofc"=hex:61,61,00,00
"abaofophncbjpapklmcoginpidmccenlda"=hex:61,61,00,b2
"mapnanladnmbkncobndnponegp"=hex:61,61,00,b2
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F96A51AF-5D56-1663-8384-7D64B078F8F8}]
"dbpfghoodhedmijnjjidpgffenoacoemcihainhg"=hex:69,61,6f,69,61,66,66,65,67,66,62,6d,70,70,6d, 65,6a,6d,00,00
"cbjhmkigomblgpmmbmejmifoimcbdppddpoogp"=hex:69,61,6f,69,61,66,66,65,67,66,62,6d,70,70,6d, 65,6a,6d,00,00
"iapfghoodhedmijnjj"=hex:61,61,00,00
"hajhmkigomblgpmm"=hex:61,61,00,00
"iadholbompmjmlpcek"=hex:61,61,00,00
"abdhoiiaoiijbngllgchjmnjadjcdgpbcp"=hex:69,61,62,68,61,68,6f,61,67,6a,6f,6b,6a,6e,67, 65,63,6c,00,00
"maehnimaacoecnpemlhdaghhbb"=hex:68,61,67,6a,63,67,6b,6b,6f,6d,6f,61,6e,61,61, 62,00,6c

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-12 16:11:59 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-12 16:11

--- E O F ---

HijackThis log

Logfile of HijackThis v1.99.1
Scan saved at 16:20:47, on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Hoofdgebruiker\Application Data\Microsoft\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PC-Checkup\PCCheckUp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\inKline Global\PC Booster\PCBooster.exe
C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Windows\system32\isys32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Hoofdgebruiker\Mijn documenten\Allerlei\programmas\Hijack This\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PC-Checkup] "C:\PC-Checkup\PCCheckUp.exe" -mini
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline Global\PC Booster\PCBooster.exe
O4 - HKLM\..\Run: [Advanced WindowsCare V2 Pro] "C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe
O4 - HKLM\..\Run: [ISUSPM Startup] L:\PROGRA~1\ROXIOE~1\CD1~1\Common\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\RunServices: [Microsoft Update Application] npmggavmr.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe"
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184164824703
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1184164811531
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtsp - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spy Emergency Shield Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe

Trebor

Juisterr
12 August 2007, 16:32
Start HijackThis and choose 'Do a system scan only'.
Select only the items listed below:

O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe



Close all windows except HijackThis.
Click 'Fix checked' to remove the items.


Restart the computer. (IMPORTANT)

---------------------------------------------------------

Open Windows Explorer and delete the following file if it is still present:

C:\Windows\System32\isys32.exe


Go to Control Panel / Printers and check all printers. For one of them (probably the MS Office printer) the queue is full. You have to cancel these jobs one by one. Then the problem is over.
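The follow-up log requested in this thread can be checked mechanically, shown here as an added example that is not part of the original posts: compare the log taken before the fix with the one taken after it and confirm that the fixed O4 entry and the process it started are both gone. The two sample logs are shortened from the logs in this thread; the function names are hypothetical.

```python
import ntpath
import re

# Sample input, shortened from the two HijackThis logs in this thread.
BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Windows\system32\isys32.exe

O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""
AFTER = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe

O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""
FIXED = r"O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe"

# HijackThis entry lines start with a section code such as "R0 - " or "O4 - ".
ENTRY_RE = re.compile(r"^(?:R[0-3]|O\d{1,2}|F[0-3]|N[1-4]) - ")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll|sys)', re.IGNORECASE)


def norm(path):
    """Windows paths are case-insensitive, so compare them lower-cased.

    Assumption: the logs spell paths in long form; 8.3 short names
    (PROGRA~1) cannot be expanded offline and are compared as written.
    """
    return ntpath.normpath(path.strip().strip('"')).lower()


def parse_log(text):
    """Split a HijackThis log into running-process paths and entry lines."""
    processes, entries, in_processes = set(), set(), False
    for line in text.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_processes = True
        elif ENTRY_RE.match(line):
            in_processes = False
            entries.add(line)
        elif in_processes and line:
            processes.add(norm(line))
    return processes, entries


def entry_target(entry):
    """Return the normalised executable path an entry points at, if any."""
    match = PATH_RE.search(entry)
    return norm(match.group(0)) if match else None


def verify_fix(before, after, fixed_entry):
    """Check that a fixed entry and the process it started are both gone."""
    _, entries_before = parse_log(before)
    procs_after, entries_after = parse_log(after)
    target = entry_target(fixed_entry)
    return {
        "entry_was_present": fixed_entry in entries_before,
        "entry_removed": fixed_entry not in entries_after,
        "process_stopped": target is not None and target not in procs_after,
        # Any other entry that appeared or vanished between the two scans.
        "unexpected_changes": sorted(
            (entries_before ^ entries_after) - {fixed_entry}),
    }


if __name__ == "__main__":
    for check, result in verify_fix(BEFORE, AFTER, FIXED).items():
        print(f"{check}: {result}")
```
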

trebor
12 August 2007, 16:49
Juisterr,

O4 - HKLM\..\Run: [MonAppli] C:\Windows\system32\isys32.exe removed with HijackThis
C:\Windows\System32\**isys32.exe** removed, it was still there
MS Office printer queue emptied (there was nothing in it)
I have also removed the HP printer; I now have a new Canon printer

Logfile of HijackThis v1.99.1
Scan saved at 16:49:07, on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Hoofdgebruiker\Application Data\Microsoft\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PC-Checkup\PCCheckUp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\inKline Global\PC Booster\PCBooster.exe
C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Hoofdgebruiker\Mijn documenten\Allerlei\programmas\Hijack This\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PC-Checkup] "C:\PC-Checkup\PCCheckUp.exe" -mini
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline Global\PC Booster\PCBooster.exe
O4 - HKLM\..\Run: [Advanced WindowsCare V2 Pro] "C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] L:\PROGRA~1\ROXIOE~1\CD1~1\Common\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\RunServices: [Microsoft Update Application] npmggavmr.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe"
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184164824703
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1184164811531
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtsp - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Spy Emergency Shield Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe

Trebor

Juisterr
12 August 2007, 17:27
Hello,

Check all your printers to see whether anything is in the queue; if so, delete the job.

trebor
12 August 2007, 17:34
Juisterr,

Checked the Canon MP160 printer and the Microsoft Office Document Image Writer; there is nothing in the queue

Trebor

Juisterr
12 August 2007, 21:32
OK, may I ask how your PC is doing now?

trebor
13 August 2007, 15:01
Juisterr, :good:

The PC is working normally again

Thanks for the quick help

Trebor :bow:

Juisterr
13 August 2007, 22:11
To prevent reinfection through System Restore, it is advisable to delete the existing restore points by temporarily turning System Restore off.


- Go to Start/All Programs/Accessories/System Tools/System Restore.
- In the left half of the window, click "System Restore Settings".
- Tick the box for "Turn off System Restore".
- Click "Apply".
- Windows asks whether you are sure.
- Click "Yes".
- Click "OK".
- Restart the PC.
- Go to Start/All Programs/Accessories/System Tools/System Restore again.
- You get the message: "System Restore has been turned off. Do you want to turn on System Restore now?"
- Click "Yes".
- Untick the box for "Turn off System Restore".
- Click "Apply".
- Click "OK".
- Restart the PC.
- A new, clean restore point has now been created.

Here are a few more tips: tips (http://www.jawwi.nl/tips/beveiligen.html)

trebor
15 August 2007, 09:20
Juisterr,

Existing restore points deleted by temporarily turning System Restore off, and a new restore point created.
So it is best that I do this regularly??

Otherwise everything is OK

Juisterr
15 August 2007, 10:07
No, in principle that only needs doing every once in a while.
It does take up space on your hard disk, and you can also do this to free up space, for example.

trebor
15 August 2007, 10:13
Juisterr,

Thanks again for the help and the tips
I am going to close this topic

Trebor :good: