Mededeling

Collapse
No announcement yet.

Popups komen telkens terug

Collapse
X
  •  
  • Tijd
  • Show
Clear All
new posts

  • Popups komen telkens terug

    Bij deze computer heb ik steeds problemen met reclame en bij het afsluiten komt er een melding exusus voor dit ongemak explorer moet worden afgesloten.
    Hier het hijackthislog en alvast bedankt.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:53:56, on 21-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\mst software\mst Defrag\mstDfrgS.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Documents and Settings\Denise\tuEagles\EagleSvr.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\WINDOWS\system32\DrvMon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Denise\tuEagles\EaglePrx.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\FTDv3.8\FTDv3.exe
    C:\Program Files\NewsSearcher\NewsSearcher.exe
    C:\Program Files\NewsLeecher\newsleecher.exe
    C:\Program Files\NewsLeecher\newsleecher.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Documents and Settings\Eigenaar\Mijn documenten\Nieuwe map (5)\KaraokeDemo\kerst.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: OLE (Part 1 of 5) - - (no file)
    O1 - Hosts: 127.255.255.255 195.137.236.101
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: XBTP06823 Class - {51A95DBF-B182-44d7-B75F-1F69F21BF014} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [EagleEye] C:\Documents and Settings\Denise\tuEagles\EagleSvr.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Owns Heart.exe
    O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
    O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [tray cake] C:\DOCUME~1\Eigenaar\APPLIC~1\TRUSTF~1\lite window meow.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126730830750
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp02.photoprintit.de/microsite/1386/defaults/activex/ImageUploader3.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: pcAnywhere-hostservice (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Common\Database\bin\fbserver.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: mst Defrag Service (mstDfrgS) - mst software, Martin Stiemerling, Germany - C:\Program Files\mst software\mst Defrag\mstDfrgS.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O24 - Desktop Component 1: (no name) - http://kopen.marktplaats.nl/c0.html

    --
    End of file - 13755 bytes

  • #2
    Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels:
    R3 - URLSearchHook: OLE (Part 1 of 5) - - (no file)
    O2 - BHO: XBTP06823 Class - {51A95DBF-B182-44d7-B75F-1F69F21BF014} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Owns Heart.exe
    O4 - HKCU\..\Run: [tray cake] C:\DOCUME~1\Eigenaar\APPLIC~1\TRUSTF~1\lite window meow.exe
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

    Herstart even je computer.

    Download dit bestand: Deljob.exe (mirror)
    Plaats het op je bureaublad.
    Indien je virusscanner de download van deljob.exe blokkeert,
    schakel dan tijdelijk je virusscanner uit of download de zip-versie
    deljob.zip en pak deze uit naar je Bureaublad.
    Dubbelklik Deljob.exe.
    Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
    Post de inhoud van logit.txt in je volgende bericht.
    Post ook een nieuw logje van HijackThis

    Groeten smeenk

    Comment


    • #3
      Hallo Smeenk,
      Hier het logit.txt en daarna het nieuwe hijackthis logje.

      --------------------------------------------------------
      File(s) moved to C:\deljob

      AD6A964E93AD09AA.job
      --------------------------------------------------------
      Files remaining after cleaning

      Controleren op updates voor Windows Live Toolbar.job
      --------------------------------------------------------
      App data folders

      Het volume in station C heeft geen naam.
      Het volumenummer is 1053-530D

      Map van C:\Documents and Settings\Eigenaar\Application Data

      21-12-2007 19:42 <DIR> .
      21-12-2007 19:42 <DIR> ..
      09-12-2007 12:23 <DIR> ACOUST~1 Acoustica
      28-11-2007 22:27 <DIR> Adobe
      15-01-2007 18:06 <DIR> AdobeUM
      16-07-2006 18:02 <DIR> Ahead
      08-01-2006 15:59 <DIR> APPLEC~1 Apple Computer
      21-09-2005 21:28 <DIR> Atari
      30-11-2007 23:33 <DIR> Babylon
      14-09-2005 18:02 <DIR> CYBERL~1 CyberLink
      14-04-2006 23:11 <DIR> DETELE~1 De Telefoongids Professioneel
      25-03-2007 17:41 <DIR> DMCache
      20-04-2007 21:52 <DIR> Google
      26-12-2005 23:45 <DIR> Help
      22-04-2006 18:49 <DIR> IDENTI~1 Identities
      12-03-2006 16:45 <DIR> IDM
      19-02-2007 19:48 <DIR> INSTAL~1 InstallShield
      31-01-2006 21:47 <DIR> ISOLAT~1 IsolatedStorage
      25-02-2006 12:46 <DIR> JRIVER~1 J River
      24-09-2007 19:06 <DIR> KOALAF~1 KoalaFTDSearch
      19-11-2007 19:37 <DIR> Lavasoft
      22-12-2007 12:46 <DIR> LimeWire
      21-10-2007 17:56 <DIR> MACROM~1 Macromedia
      31-12-2006 19:06 <DIR> MAGIX
      08-01-2006 15:51 <DIR> MATCHW~1 MatchWare
      19-09-2007 19:31 <DIR> MICROS~1 Microsoft
      16-12-2007 11:50 <DIR> NewsBin
      09-07-2006 11:40 <DIR> PCTOOL~1 PC Tools
      06-01-2007 22:34 <DIR> PHOTOF~1 PhotoFrameShow
      11-12-2005 17:42 <DIR> ppStream
      09-04-2006 18:16 <DIR> PREVEN~1 Preventon
      04-12-2007 07:43 <DIR> PrevxCSI
      02-04-2006 14:03 <DIR> Real
      07-03-2007 18:53 <DIR> SCREEN~1 Screenshot Sender
      15-09-2005 22:24 <DIR> Shareaza
      16-01-2006 18:04 <DIR> Sun
      04-03-2006 12:54 <DIR> Symantec
      30-05-2007 06:41 <DIR> THINST~1 Thinstall
      18-12-2007 07:54 <DIR> TRUSTF~1 TRUST FUNK
      18-03-2007 12:43 <DIR> TUNEUP~1 TuneUp Software
      25-10-2007 22:49 <DIR> URSoft
      19-11-2007 22:12 <DIR> uTorrent
      27-11-2007 12:57 <DIR> WINDOW~1 Windows Live Writer
      22-04-2006 18:49 <DIR> Zylom
      0 bestand(en) 0 bytes
      44 map(pen) 1.656.164.352 bytes beschikbaar
      Het volume in station C heeft geen naam.
      Het volumenummer is 1053-530D

      Map van C:\Documents and Settings\All Users\Application Data

      21-12-2007 19:42 <DIR> .
      21-12-2007 19:42 <DIR> ..
      25-01-2007 19:13 <DIR> Adobe
      17-07-2007 18:27 <DIR> Ahead
      09-09-2007 08:09 <DIR> ANTIVI~1 AntiVir PersonalEdition classic
      08-01-2006 10:38 <DIR> APPLEC~1 Apple Computer
      08-10-2007 20:08 <DIR> AVG7
      10-10-2006 21:14 <DIR> Babylon
      10-03-2007 14:05 <DIR> BLUETO~1 Bluetooth
      28-10-2007 10:52 <DIR> BRODER~1 Broderbund Software
      20-11-2007 06:34 <DIR> CA
      18-03-2007 12:57 <DIR> clp
      19-09-2005 20:54 <DIR> CYBERL~1 CyberLink
      11-10-2005 18:15 <DIR> DVDSHR~1 DVD Shrink
      18-12-2007 07:54 <DIR> FRAGGR~1 Frag great bend logo
      31-12-2006 19:24 <DIR> FREEDB
      21-11-2005 20:24 <DIR> Goland
      16-12-2007 20:11 <DIR> Google
      29-09-2007 09:07 <DIR> Grisoft
      12-11-2005 18:19 <DIR> HP
      25-03-2006 12:51 <DIR> INTERV~1 InterVideo
      08-10-2007 20:50 <DIR> Lavasoft
      04-08-2007 18:56 <DIR> MAGIX
      30-10-2006 17:19 <DIR> McAfee
      30-10-2006 16:48 <DIR> McAfee.com
      30-03-2007 12:40 <DIR> MESSEN~1 Messenger Plus!
      19-11-2007 19:37 <DIR> MICROS~1 Microsoft
      09-12-2007 11:03 <DIR> MYPHOT~1 MyPhotoFun
      24-09-2007 20:04 <DIR> NewsBin
      14-09-2005 13:50 <DIR> Pinnacle
      26-10-2007 14:54 <DIR> Prevx
      19-11-2007 22:12 <DIR> Raxco
      02-11-2007 17:08 <DIR> Recisio
      21-12-2007 13:56 <DIR> SPYBOT~1 Spybot - Search & Destroy
      04-03-2006 12:57 <DIR> Symantec
      22-12-2007 20:11 <DIR> TEMP
      19-02-2007 19:50 <DIR> TomTom
      25-03-2007 20:53 <DIR> TUNEUP~1 TuneUp Software
      27-10-2006 10:31 <DIR> WHITEC~1 WhiteCap (Holiday Edition)
      05-10-2005 20:53 <DIR> WINDOW~1 Windows Genuine Advantage
      08-01-2007 09:50 <DIR> WINDOW~2 Windows Live Toolbar
      30-11-2007 14:50 <DIR> WLINST~1 WLInstaller
      16-07-2006 09:58 <DIR> XEMICO~1 XemiComputers
      25-04-2006 17:23 <DIR> YAHOO!~1 Yahoo! Companion
      22-04-2006 18:48 <DIR> Zylom
      0 bestand(en) 0 bytes
      45 map(pen) 1.656.160.256 bytes beschikbaar
      --------------------------------------------------------



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:21:56, on 22-12-2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16574)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\mst software\mst Defrag\mstDfrgS.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Documents and Settings\Denise\tuEagles\EagleSvr.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\WINDOWS\system32\DrvMon.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
      C:\Documents and Settings\Denise\tuEagles\EaglePrx.exe
      C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
      C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O1 - Hosts: 127.255.255.255 195.137.236.101
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [EagleEye] C:\Documents and Settings\Denise\tuEagles\EagleSvr.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
      O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
      O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126730830750
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp02.photoprintit.de/microsite/1386/defaults/activex/ImageUploader3.cab
      O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: pcAnywhere-hostservice (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Common\Database\bin\fbserver.exe
      O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: mst Defrag Service (mstDfrgS) - mst software, Martin Stiemerling, Germany - C:\Program Files\mst software\mst Defrag\mstDfrgS.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
      O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
      O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
      O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
      O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
      O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
      O24 - Desktop Component 1: (no name) - http://kopen.marktplaats.nl/c0.html

      --
      End of file - 12484 bytes

      Comment


      • #4
        Download en installeer dit programma: GV Killer.exe

        Dubbelklik het, er zal een text-bestand openen(input.txt)
        Verwijder eventueel de text die al in dat bestand staat en plaats de volgende vetgedrukte regels er weer in:

        C:\Documents and Settings\Eigenaar\Application Data\TRUST FUNK
        C:\Documents and Settings\All Users\Application Data\Frag great bend logo
        C:\Program Files\TRUST FUNK
        C:\deljob


        Sluit het textbestand en laat de wijzigingen opslaan
        Klik nu op de knop "Kill on reboot" en laat de PC herstarten.
        Na de herstart zal GV_Killer.exe opnieuw gestart worden, geef toestemming om de mappen te verwijderen.
        Als dat gelukt is mag je GV_Killer afsluiten.

        Post daarna een nieuw logje van Deljob.exe en meldt of de problemen voorbij zijn

        Comment


        • #5
          Hallo Smeenk,

          Hierbij een logje van Deljob.

          Ps zo te zien lijkt het dat de problemen met al die popups voorbij zijn hartelijk dan daarvoor.

          --------------------------------------------------------
          No LOP jobs found
          --------------------------------------------------------
          Files remaining after cleaning

          Controleren op updates voor Windows Live Toolbar.job
          --------------------------------------------------------
          App data folders

          Het volume in station C heeft geen naam.
          Het volumenummer is 1053-530D

          Map van C:\Documents and Settings\Eigenaar\Application Data

          23-12-2007 21:51 <DIR> .
          23-12-2007 21:51 <DIR> ..
          09-12-2007 12:23 <DIR> ACOUST~1 Acoustica
          28-11-2007 22:27 <DIR> Adobe
          15-01-2007 18:06 <DIR> AdobeUM
          16-07-2006 18:02 <DIR> Ahead
          08-01-2006 15:59 <DIR> APPLEC~1 Apple Computer
          21-09-2005 21:28 <DIR> Atari
          30-11-2007 23:33 <DIR> Babylon
          14-09-2005 18:02 <DIR> CYBERL~1 CyberLink
          14-04-2006 23:11 <DIR> DETELE~1 De Telefoongids Professioneel
          25-03-2007 17:41 <DIR> DMCache
          20-04-2007 21:52 <DIR> Google
          26-12-2005 23:45 <DIR> Help
          22-04-2006 18:49 <DIR> IDENTI~1 Identities
          12-03-2006 16:45 <DIR> IDM
          19-02-2007 19:48 <DIR> INSTAL~1 InstallShield
          31-01-2006 21:47 <DIR> ISOLAT~1 IsolatedStorage
          25-02-2006 12:46 <DIR> JRIVER~1 J River
          24-09-2007 19:06 <DIR> KOALAF~1 KoalaFTDSearch
          19-11-2007 19:37 <DIR> Lavasoft
          22-12-2007 12:46 <DIR> LimeWire
          21-10-2007 17:56 <DIR> MACROM~1 Macromedia
          31-12-2006 19:06 <DIR> MAGIX
          08-01-2006 15:51 <DIR> MATCHW~1 MatchWare
          19-09-2007 19:31 <DIR> MICROS~1 Microsoft
          16-12-2007 11:50 <DIR> NewsBin
          09-07-2006 11:40 <DIR> PCTOOL~1 PC Tools
          06-01-2007 22:34 <DIR> PHOTOF~1 PhotoFrameShow
          11-12-2005 17:42 <DIR> ppStream
          09-04-2006 18:16 <DIR> PREVEN~1 Preventon
          04-12-2007 07:43 <DIR> PrevxCSI
          02-04-2006 14:03 <DIR> Real
          07-03-2007 18:53 <DIR> SCREEN~1 Screenshot Sender
          15-09-2005 22:24 <DIR> Shareaza
          16-01-2006 18:04 <DIR> Sun
          04-03-2006 12:54 <DIR> Symantec
          30-05-2007 06:41 <DIR> THINST~1 Thinstall
          18-03-2007 12:43 <DIR> TUNEUP~1 TuneUp Software
          25-10-2007 22:49 <DIR> URSoft
          19-11-2007 22:12 <DIR> uTorrent
          27-11-2007 12:57 <DIR> WINDOW~1 Windows Live Writer
          22-04-2006 18:49 <DIR> Zylom
          0 bestand(en) 0 bytes
          43 map(pen) 1.849.987.072 bytes beschikbaar
          Het volume in station C heeft geen naam.
          Het volumenummer is 1053-530D

          Map van C:\Documents and Settings\All Users\Application Data

          23-12-2007 21:51 <DIR> .
          23-12-2007 21:51 <DIR> ..
          25-01-2007 19:13 <DIR> Adobe
          17-07-2007 18:27 <DIR> Ahead
          09-09-2007 08:09 <DIR> ANTIVI~1 AntiVir PersonalEdition classic
          08-01-2006 10:38 <DIR> APPLEC~1 Apple Computer
          08-10-2007 20:08 <DIR> AVG7
          10-10-2006 21:14 <DIR> Babylon
          10-03-2007 14:05 <DIR> BLUETO~1 Bluetooth
          28-10-2007 10:52 <DIR> BRODER~1 Broderbund Software
          20-11-2007 06:34 <DIR> CA
          18-03-2007 12:57 <DIR> clp
          19-09-2005 20:54 <DIR> CYBERL~1 CyberLink
          11-10-2005 18:15 <DIR> DVDSHR~1 DVD Shrink
          31-12-2006 19:24 <DIR> FREEDB
          21-11-2005 20:24 <DIR> Goland
          16-12-2007 20:11 <DIR> Google
          29-09-2007 09:07 <DIR> Grisoft
          12-11-2005 18:19 <DIR> HP
          25-03-2006 12:51 <DIR> INTERV~1 InterVideo
          08-10-2007 20:50 <DIR> Lavasoft
          04-08-2007 18:56 <DIR> MAGIX
          30-10-2006 17:19 <DIR> McAfee
          30-10-2006 16:48 <DIR> McAfee.com
          30-03-2007 12:40 <DIR> MESSEN~1 Messenger Plus!
          19-11-2007 19:37 <DIR> MICROS~1 Microsoft
          09-12-2007 11:03 <DIR> MYPHOT~1 MyPhotoFun
          24-09-2007 20:04 <DIR> NewsBin
          14-09-2005 13:50 <DIR> Pinnacle
          26-10-2007 14:54 <DIR> Prevx
          19-11-2007 22:12 <DIR> Raxco
          02-11-2007 17:08 <DIR> Recisio
          21-12-2007 13:56 <DIR> SPYBOT~1 Spybot - Search & Destroy
          04-03-2006 12:57 <DIR> Symantec
          23-12-2007 17:58 <DIR> TEMP
          19-02-2007 19:50 <DIR> TomTom
          25-03-2007 20:53 <DIR> TUNEUP~1 TuneUp Software
          27-10-2006 10:31 <DIR> WHITEC~1 WhiteCap (Holiday Edition)
          05-10-2005 20:53 <DIR> WINDOW~1 Windows Genuine Advantage
          08-01-2007 09:50 <DIR> WINDOW~2 Windows Live Toolbar
          30-11-2007 14:50 <DIR> WLINST~1 WLInstaller
          16-07-2006 09:58 <DIR> XEMICO~1 XemiComputers
          25-04-2006 17:23 <DIR> YAHOO!~1 Yahoo! Companion
          22-04-2006 18:48 <DIR> Zylom
          0 bestand(en) 0 bytes
          44 map(pen) 1.849.982.976 bytes beschikbaar
          --------------------------------------------------------

          Comment


          • #6
            Het logje is schoon

            Download ATF cleaner (mirror)(gemaakt door Atribune)

            Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

            Dubbelklik op ATF cleaner om het programma te starten.
            Op het tabblad "Main", plaats je een vinkje bij Select All.
            Klik op de knop Empty Selected.

            Het volgende doen als je ook FireFox als browser hebt:
            Klik op tabblad "Firefox", plaats een vinkje bij Select All.
            Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
            (dit haalt het vinkje weer weg bij "Firefox saved passwords")
            Klik op de knop Empty Selected.

            Het volgende doen als je ook Opera als browser hebt:
            Klik op tabblad "Opera", plaats een vinkje bij Select All.
            Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
            Klik op de knop Empty Selected.
            Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

            Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
            Kijk hier hoe je je systeemherstel moet uitschakelen.
            Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

            Dan denk ik dat alles weer OK is

            Comment

            Sorry, you are not authorized to view this page
            Working...
            X
            😀
            🥰
            🤢
            😎
            😡
            👍
            👎