Mededeling

Collapse
No announcement yet.

Problemen met CID

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Problemen met CID

    Hallo ,

    Ik heb een probleem met de CID pop ups
    ik krijg ze gewoonweg niet weg ik heb een log bestandje gemaakt met Hijackthis. Wie kan en wil mij helpen
    Alvast bedankt Patrick

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22:09:40, on 31-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\atwtusb.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Downloads\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.az.nl/index.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\Five obj.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 9458 bytes

  • #2
    CiD bestanden ik word er gek van

    Hallo

    Ik heb sinds enkele dagen last van popups van allerlei aard echte komen ze van CiD echt heel vervelend wie heeft enig idee hoe dit voor eeuwig te verbannen.

    zie hieronder de Hijack fileLogfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22:09:40, on 31-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\atwtusb.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Downloads\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.az.nl/index.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\Five obj.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 9458 bytes

    Comment


    • #3
      Hallo Patsy,

      Ik ga even voor je kijken...
      Spyware op je pc? Post een HijackThis log.
      Houd je Java software up-to-date!


      Comment


      • #4
        Hallo Patsy,

        1. Start HijackThis en kies voor 'Do a system scan only'.
        Als de scan compleet is vink dan alleen de onderstaande regels in HijackThis aan, indien aanwezig:
        O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\Five obj.exe
        Sluit nu alle vensters behalve HijackThis zelf en klik op 'Fix checked'.
        Er zal een vraag komen over backups. Antwoord hierop met 'Ja', en sluit hierna HijackThis.

        2. Download dit bestand: Deljob.exe (mirror)
        Plaats het op je bureaublad.

        Indien je virusscanner de download van deljob.exe blokkeert,
        schakel dan tijdelijk je virusscanner uit of download de zip-versie
        deljob.zip en pak deze uit naar je Bureaublad.


        Dubbelklik Deljob.exe.
        Een logje (logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
        Post de inhoud van logit.txt in je volgende bericht, tesamen met een nieuwe log van HijackThis.

        - Niek
        Spyware op je pc? Post een HijackThis log.
        Houd je Java software up-to-date!


        Comment


        • #5
          2de Hijackthis logje en een logit logje

          Beste Niek
          wat erg aardig dat je me wilt helpen ik heb de gevraagde gegevens voor je verzameld
          ik hoop dat het goed genoeg is voor je Alvast bedankt Patrick



          Als eerste het logit bestandje :

          --------------------------------------------------------
          Backups created in C:\deljob

          A2BA2FA49189A02C.job
          --------------------------------------------------------
          Files in Windows Tasks folder

          User_Feed_Synchronization-{629328FE-840D-4278-B83D-A191C3C5FD43}.job
          XoftSpySE 2.job
          XoftSpySE.job
          --------------------------------------------------------
          Export App Data folders
          --------------------------------------------------------
          Het volume in station C heeft geen naam.
          Het volumenummer is 4B13-F5DA

          Map van C:\Documents and Settings\Patrick Minnesma\Application Data

          11-02-2008 21:22 <DIR> .
          11-02-2008 21:22 <DIR> ..
          10-11-2007 15:58 <DIR> Adobe
          06-05-2007 06:27 <DIR> AdobeUM
          27-05-2005 02:24 <DIR> APPLEC~1 Apple Computer
          30-01-2008 23:12 <DIR> CLOSEM~1 Closemess
          03-06-2005 19:24 <DIR> Corel
          02-11-2005 21:12 <DIR> dvdcss
          22-12-2005 20:43 <DIR> Google
          20-10-2005 13:30 <DIR> Help
          27-05-2005 02:24 <DIR> IDENTI~1 Identities
          28-05-2005 20:24 <DIR> INTERV~1 InterVideo
          09-07-2005 21:28 <DIR> KAZAAL~1 Kazaa Lite
          11-02-2008 21:21 <DIR> Lavasoft
          23-07-2005 12:22 <DIR> LEADER~1 Leadertech
          09-06-2005 19:18 <DIR> MACROM~1 Macromedia
          05-08-2007 08:35 <DIR> MEDIAP~1 Media Player Classic
          05-01-2007 19:32 <DIR> MICROS~1 Microsoft
          02-08-2007 09:24 <DIR> Nokia
          23-09-2007 18:52 <DIR> NOKIAM~1 Nokia Multimedia Player
          09-02-2008 22:55 <DIR> OPENOF~1.ORG OpenOffice.org2
          18-09-2007 20:34 <DIR> PCSUIT~1 PC Suite
          03-02-2008 15:41 <DIR> PCTOOL~1 PC Tools
          27-11-2007 19:24 <DIR> RipIt4Me
          18-09-2006 13:03 <DIR> Shareaza
          07-10-2007 21:11 <DIR> Skype
          28-11-2007 21:10 <DIR> SmartFTP
          27-05-2005 02:24 <DIR> Sonic
          27-05-2005 02:24 <DIR> Sun
          09-06-2005 19:25 <DIR> Symantec
          03-06-2005 19:04 <DIR> Template
          0 bestand(en) 0 bytes
          31 map(pen) 41.853.366.272 bytes beschikbaar
          Het volume in station C heeft geen naam.
          Het volumenummer is 4B13-F5DA

          Map van C:\Documents and Settings\All Users\Application Data

          11-02-2008 22:04 <DIR> .
          11-02-2008 22:04 <DIR> ..
          10-11-2007 15:54 <DIR> Adobe
          08-09-2007 11:14 <DIR> ANTIVI~2 AntiVir PersonalEdition Classic
          11-02-2006 15:59 <DIR> ANTIVI~1 AntiVir PersonalEdition classic(2)
          30-11-2007 22:12 <DIR> APPLEC~1 Apple Computer
          02-08-2007 08:42 <DIR> DOWNLO~1 Downloaded Installations
          20-11-2007 19:19 <DIR> DVDSHR~1 DVD Shrink
          12-09-2006 21:24 <DIR> Google
          24-11-2007 14:09 <DIR> INSTAL~1 Installations
          24-01-2008 18:45 <DIR> LICENS~1 LICENSE ADMIN OPTION BIB
          07-08-2007 07:57 <DIR> MAGIX
          03-02-2008 15:40 <DIR> MICROS~1 Microsoft
          05-06-2005 06:43 <DIR> OLYMPUS
          02-08-2007 08:50 <DIR> PCSUIT~1 PC Suite
          03-02-2008 15:29 <DIR> Prevx
          03-08-2005 14:04 <DIR> QUICKT~1 QuickTime
          27-05-2005 02:24 <DIR> SBSI
          02-09-2007 12:15 <DIR> Skype
          11-02-2008 21:21 <DIR> SPYBOT~1 Spybot - Search & Destroy
          03-02-2008 15:25 <DIR> SURFRI~1 SurfRight
          27-06-2005 20:48 <DIR> Symantec
          12-02-2008 21:00 <DIR> TEMP
          04-08-2005 21:05 <DIR> WINDOW~1 Windows Genuine Advantage
          05-01-2007 19:31 <DIR> WINDOW~2 Windows Live Toolbar
          0 bestand(en) 0 bytes
          25 map(pen) 41.853.362.176 bytes beschikbaar
          --------------------------------------------------------
          All User Accounts
          --------------------------------------------------------
          All Users
          Eigenaar
          Nancy Minnesma
          Patrick Minnesma
          --------------------------------------------------------


          Als 2de het Hijackthis logje :

          Logfile of Trend Micro HijackThis v2.0.0 (BETA)
          Scan saved at 22:11:15, on 12-2-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
          C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
          C:\WINDOWS\system32\nvsvc32.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
          C:\Program Files\QuickTime\QTTask.exe
          C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
          C:\Program Files\Internet Explorer\IEXPLORE.EXE
          C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
          C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
          C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
          C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
          C:\WINDOWS\system32\atwtusb.exe
          C:\Program Files\Apoint2K\Apoint.exe
          C:\WINDOWS\AGRSMMSG.exe
          C:\Program Files\Spyware Doctor\pctsTray.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          C:\Program Files\Messenger\msmsgs.exe
          C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
          C:\Program Files\Apoint2K\Apntex.exe
          C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
          C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
          C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\BitComet\BitComet.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Downloads\HiJackThis_v2.exe

          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
          O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
          O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
          O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
          O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
          O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
          O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
          O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
          O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
          O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
          O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
          O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
          O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
          O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
          O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
          O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
          O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
          O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
          O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
          O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
          O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
          O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
          O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
          O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
          O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
          O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
          O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
          O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
          O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
          O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

          --
          End of file - 8911 bytes




          Oorspronkelijk geplaatst door NiekR Bekijk Berichten
          Hallo Patsy,

          1. Start HijackThis en kies voor 'Do a system scan only'.
          Als de scan compleet is vink dan alleen de onderstaande regels in HijackThis aan, indien aanwezig:
          O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\Five obj.exe
          Sluit nu alle vensters behalve HijackThis zelf en klik op 'Fix checked'.
          Er zal een vraag komen over backups. Antwoord hierop met 'Ja', en sluit hierna HijackThis.

          2. Download dit bestand: [url=http://home.hetnet.nl/~stefsmeenk/tools/deljob.exe]Deljob.exe ([url=http://members.lycos.nl/deljob/]mirror)
          Plaats het op je bureaublad.

          Indien je virusscanner de download van deljob.exe blokkeert,
          schakel dan tijdelijk je virusscanner uit of download de zip-versie
          [url=http://members.lycos.nl/deljob/deljob.zip]deljob.zip en pak deze uit naar je Bureaublad.


          Dubbelklik Deljob.exe.
          Een logje (logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
          Post de inhoud van logit.txt in je volgende bericht, tesamen met een nieuwe log van HijackThis.

          - Niek

          Comment


          • #6
            Hallo Patsy,

            Open een nieuw kladblok bestand, en plak daar de volgende (dikgedrukte) tekst in:
            @ECHO OFF
            IF EXIST showlog.txt DEL showlog.txt
            IF EXIST "C:\Program Files\Closemess" ECHO Map C:\Program Files\Closemess aanwezig >> showlog.txt
            DIR /b "C:\Documents and Settings\Patrick Minnesma\Application Data\Closemess" >> showlog.txt
            START NOTEPAD showlog.txt

            Ga naar Bestand -- Opslaan als. (Locatie: Bureaublad) Kies als naam: fix.bat en als Type: Alle bestanden *.*.
            Er wordt een .txt-bestand aangemaakt op je bureaublad. Post deze in een nieuwe reactie, tesamen met een nieuwe log van HijackThis.

            - Niek
            Spyware op je pc? Post een HijackThis log.
            Houd je Java software up-to-date!


            Comment


            • #7
              Hoi Niek

              Ik heb mijn best weer gedaan en hoop dat ik de goede gegevens voor je hebt
              Alvast reuze bedankt

              Gr Patrick

              Logfile of Trend Micro HijackThis v2.0.0 (BETA)
              Scan saved at 21:56:34, on 14-2-2008
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              Boot mode: Normal

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
              C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
              C:\WINDOWS\System32\svchost.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
              C:\WINDOWS\system32\nvsvc32.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\Explorer.EXE
              C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
              C:\Program Files\QuickTime\QTTask.exe
              C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
              C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
              C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
              C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
              C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
              C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
              C:\WINDOWS\system32\atwtusb.exe
              C:\Program Files\Apoint2K\Apoint.exe
              C:\WINDOWS\AGRSMMSG.exe
              C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
              C:\Program Files\Spyware Doctor\pctsTray.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
              C:\Program Files\Messenger\msmsgs.exe
              C:\Program Files\Apoint2K\Apntex.exe
              C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
              C:\Program Files\LimeWire\LimeWire.exe
              C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\WINDOWS\system32\notepad.exe
              C:\Program Files\BitComet\BitComet.exe
              C:\Downloads\HiJackThis_v2.exe

              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
              O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
              O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
              O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
              O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
              O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
              O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
              O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
              O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
              O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
              O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
              O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
              O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
              O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
              O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
              O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
              O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
              O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
              O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
              O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
              O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
              O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
              O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
              O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe
              O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
              O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
              O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
              O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
              O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
              O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
              O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
              O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
              O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
              O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
              O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
              O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
              O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
              O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
              O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
              O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
              O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
              O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
              O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
              O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
              O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
              O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
              O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
              O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
              O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
              O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
              O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
              O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

              --
              End of file - 8980 bytes

              en ook nog de gegevens van het fix bestandje

              Map C:\Program Files\Closemess aanwezig

              Gr PAtrick




              Oorspronkelijk geplaatst door patsy Bekijk Berichten
              Beste Niek
              wat erg aardig dat je me wilt helpen ik heb de gevraagde gegevens voor je verzameld
              ik hoop dat het goed genoeg is voor je Alvast bedankt Patrick



              Als eerste het logit bestandje :

              --------------------------------------------------------
              Backups created in C:\deljob

              A2BA2FA49189A02C.job
              --------------------------------------------------------
              Files in Windows Tasks folder

              User_Feed_Synchronization-{629328FE-840D-4278-B83D-A191C3C5FD43}.job
              XoftSpySE 2.job
              XoftSpySE.job
              --------------------------------------------------------
              Export App Data folders
              --------------------------------------------------------
              Het volume in station C heeft geen naam.
              Het volumenummer is 4B13-F5DA

              Map van C:\Documents and Settings\Patrick Minnesma\Application Data

              11-02-2008 21:22 <DIR> .
              11-02-2008 21:22 <DIR> ..
              10-11-2007 15:58 <DIR> Adobe
              06-05-2007 06:27 <DIR> AdobeUM
              27-05-2005 02:24 <DIR> APPLEC~1 Apple Computer
              30-01-2008 23:12 <DIR> CLOSEM~1 Closemess
              03-06-2005 19:24 <DIR> Corel
              02-11-2005 21:12 <DIR> dvdcss
              22-12-2005 20:43 <DIR> Google
              20-10-2005 13:30 <DIR> Help
              27-05-2005 02:24 <DIR> IDENTI~1 Identities
              28-05-2005 20:24 <DIR> INTERV~1 InterVideo
              09-07-2005 21:28 <DIR> KAZAAL~1 Kazaa Lite
              11-02-2008 21:21 <DIR> Lavasoft
              23-07-2005 12:22 <DIR> LEADER~1 Leadertech
              09-06-2005 19:18 <DIR> MACROM~1 Macromedia
              05-08-2007 08:35 <DIR> MEDIAP~1 Media Player Classic
              05-01-2007 19:32 <DIR> MICROS~1 Microsoft
              02-08-2007 09:24 <DIR> Nokia
              23-09-2007 18:52 <DIR> NOKIAM~1 Nokia Multimedia Player
              09-02-2008 22:55 <DIR> OPENOF~1.ORG OpenOffice.org2
              18-09-2007 20:34 <DIR> PCSUIT~1 PC Suite
              03-02-2008 15:41 <DIR> PCTOOL~1 PC Tools
              27-11-2007 19:24 <DIR> RipIt4Me
              18-09-2006 13:03 <DIR> Shareaza
              07-10-2007 21:11 <DIR> Skype
              28-11-2007 21:10 <DIR> SmartFTP
              27-05-2005 02:24 <DIR> Sonic
              27-05-2005 02:24 <DIR> Sun
              09-06-2005 19:25 <DIR> Symantec
              03-06-2005 19:04 <DIR> Template
              0 bestand(en) 0 bytes
              31 map(pen) 41.853.366.272 bytes beschikbaar
              Het volume in station C heeft geen naam.
              Het volumenummer is 4B13-F5DA

              Map van C:\Documents and Settings\All Users\Application Data

              11-02-2008 22:04 <DIR> .
              11-02-2008 22:04 <DIR> ..
              10-11-2007 15:54 <DIR> Adobe
              08-09-2007 11:14 <DIR> ANTIVI~2 AntiVir PersonalEdition Classic
              11-02-2006 15:59 <DIR> ANTIVI~1 AntiVir PersonalEdition classic(2)
              30-11-2007 22:12 <DIR> APPLEC~1 Apple Computer
              02-08-2007 08:42 <DIR> DOWNLO~1 Downloaded Installations
              20-11-2007 19:19 <DIR> DVDSHR~1 DVD Shrink
              12-09-2006 21:24 <DIR> Google
              24-11-2007 14:09 <DIR> INSTAL~1 Installations
              24-01-2008 18:45 <DIR> LICENS~1 LICENSE ADMIN OPTION BIB
              07-08-2007 07:57 <DIR> MAGIX
              03-02-2008 15:40 <DIR> MICROS~1 Microsoft
              05-06-2005 06:43 <DIR> OLYMPUS
              02-08-2007 08:50 <DIR> PCSUIT~1 PC Suite
              03-02-2008 15:29 <DIR> Prevx
              03-08-2005 14:04 <DIR> QUICKT~1 QuickTime
              27-05-2005 02:24 <DIR> SBSI
              02-09-2007 12:15 <DIR> Skype
              11-02-2008 21:21 <DIR> SPYBOT~1 Spybot - Search & Destroy
              03-02-2008 15:25 <DIR> SURFRI~1 SurfRight
              27-06-2005 20:48 <DIR> Symantec
              12-02-2008 21:00 <DIR> TEMP
              04-08-2005 21:05 <DIR> WINDOW~1 Windows Genuine Advantage
              05-01-2007 19:31 <DIR> WINDOW~2 Windows Live Toolbar
              0 bestand(en) 0 bytes
              25 map(pen) 41.853.362.176 bytes beschikbaar
              --------------------------------------------------------
              All User Accounts
              --------------------------------------------------------
              All Users
              Eigenaar
              Nancy Minnesma
              Patrick Minnesma
              --------------------------------------------------------


              Als 2de het Hijackthis logje :

              Logfile of Trend Micro HijackThis v2.0.0 (BETA)
              Scan saved at 22:11:15, on 12-2-2008
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              Boot mode: Normal

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
              C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
              C:\WINDOWS\System32\svchost.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
              C:\WINDOWS\system32\nvsvc32.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\Explorer.EXE
              C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
              C:\Program Files\QuickTime\QTTask.exe
              C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
              C:\Program Files\Internet Explorer\IEXPLORE.EXE
              C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
              C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
              C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
              C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
              C:\WINDOWS\system32\atwtusb.exe
              C:\Program Files\Apoint2K\Apoint.exe
              C:\WINDOWS\AGRSMMSG.exe
              C:\Program Files\Spyware Doctor\pctsTray.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
              C:\Program Files\Messenger\msmsgs.exe
              C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
              C:\Program Files\Apoint2K\Apntex.exe
              C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
              C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
              C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Program Files\BitComet\BitComet.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Downloads\HiJackThis_v2.exe

              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
              O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
              O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
              O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
              O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
              O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
              O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
              O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
              O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
              O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
              O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
              O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
              O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
              O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
              O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
              O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
              O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
              O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
              O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
              O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
              O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
              O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
              O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
              O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
              O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
              O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
              O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
              O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
              O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
              O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
              O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
              O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
              O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
              O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
              O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
              O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
              O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
              O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
              O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
              O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
              O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
              O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
              O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
              O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
              O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
              O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
              O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
              O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
              O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
              O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
              O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

              --
              End of file - 8911 bytes

              Comment


              • #8
                Hallo Patsy,

                1. Je gebruikt een oude versie van HijackThis, deze toont niet alles dat we nodig hebben om infecties te verwijderen. Download daarom de nieuwste versie hier, vervang je huidige versie van HijackThis daarmee en post daarna je volgende logje!

                2. Open Deze Computer en kies Extra -> Mapopties.
                Controleer onder Weergave de volgende instellingen:
                • Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen)
                • Uitzetten: Extensies voor bekende bestandstypen verbergen

                • Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP)
                • Selecteer: Verborgen bestanden en mappen weergeven


                Druk daarna op Toepassen gevolgd door Ok.

                3. Verwijder daarna de onderstaande (dikgedrukte) mappen:
                C:\Program Files\Closemess
                C:\Documents and Settings\Patrick Minnesma\Application Data\Closemess
                C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB
                C:\Deljob

                4. Je Java software is verouderd.
                Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
                Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:

                Download Java Runtime Environment (JRE) 6u4.
                • Scroll omlaag naar : "Java Runtime Environment (JRE) 6u4".
                • Klik op de "Download" knop aan de rechterkant.
                • In het uitklapmenu rechts naast Platform, selecteer Windows
                • Vink aan: "I agree to the Java SE Runtime Environment 6 License Agreement", en klik op Continue.
                • De pagina zal herladen.
                • Klik op de jre-6u4-windows-i586-p.exe link ONDER Windows Offline Installation en bewaar het naar je Bureaublad.
                • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
                • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
                • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
                • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
                • Herhaal dit tot alle oudere versies verdwenen zijn.
                • Na het verwijderen van alle oudere versies, herstart je pc.
                • Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.


                5. Herstart je computer en maak een nieuwe log van HijackThis. Post deze vervolgens in een nieuwe reactie.

                Hoe gaat het met je problemen?

                - Niek
                Spyware op je pc? Post een HijackThis log.
                Houd je Java software up-to-date!


                Comment


                • #9
                  Al iets beter..

                  Hallo Niek,

                  Het gaat al iets beter wat betreft de problemen maar zo af en toe sneaken er nog een paar door.Maar ik heb er alle vertrouwen in dat dat ook opgelost wordt.


                  Ik heb mijn huiswerk weer gedaan en hoop dat ik het goed heb gedaan

                  zie het Hijackthis log file hieronder

                  Alvast weer bedankt groet Patsy


                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 20:05:51, on 16-2-2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16608)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
                  C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                  C:\WINDOWS\system32\nvsvc32.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\Program Files\QuickTime\QTTask.exe
                  C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
                  C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
                  C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
                  C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
                  C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
                  C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
                  C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
                  C:\WINDOWS\system32\atwtusb.exe
                  C:\Program Files\Apoint2K\Apoint.exe
                  C:\WINDOWS\AGRSMMSG.exe
                  C:\Program Files\Apoint2K\Apntex.exe
                  C:\Program Files\Spyware Doctor\pctsTray.exe
                  C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  C:\Program Files\Messenger\msmsgs.exe
                  C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                  O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
                  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
                  O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
                  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                  O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
                  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
                  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                  O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
                  O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
                  O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
                  O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
                  O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
                  O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
                  O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
                  O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
                  O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
                  O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
                  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                  O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
                  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
                  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
                  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
                  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
                  O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
                  O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
                  O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
                  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
                  O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                  O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
                  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q105&bd=presario&pf=laptop
                  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by121fd.bay121.hotmail.msn.com/resources/MsnPUpld.cab
                  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
                  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
                  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
                  O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
                  O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
                  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
                  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
                  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
                  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
                  O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

                  --
                  End of file - 8650 bytes



                  Oorspronkelijk geplaatst door NiekR Bekijk Berichten
                  Hallo Patsy,

                  1. Je gebruikt een oude versie van HijackThis, deze toont niet alles dat we nodig hebben om infecties te verwijderen. [url=http://download.bleepingcomputer.com/hijackthis/HJTInstall.exe]Download daarom de nieuwste versie hier, vervang je huidige versie van HijackThis daarmee en post daarna je volgende logje!

                  2. Open Deze Computer en kies Extra -> Mapopties.
                  Controleer onder Weergave de volgende instellingen:
                  • Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen)
                  • Uitzetten: Extensies voor bekende bestandstypen verbergen

                  • Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP)
                  • Selecteer: Verborgen bestanden en mappen weergeven


                  Druk daarna op Toepassen gevolgd door Ok.

                  3. Verwijder daarna de onderstaande (dikgedrukte) mappen:
                  C:\Program Files\Closemess
                  C:\Documents and Settings\Patrick Minnesma\Application Data\Closemess
                  C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB
                  C:\Deljob

                  4. Je Java software is verouderd.
                  Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
                  Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:

                  Download [url=http://java.sun.com/javase/downloads/index.jsp]Java Runtime Environment (JRE) 6u4.
                  • Scroll omlaag naar : "Java Runtime Environment (JRE) 6u4".
                  • Klik op de "Download" knop aan de rechterkant.
                  • In het uitklapmenu rechts naast Platform, selecteer Windows
                  • Vink aan: "I agree to the Java SE Runtime Environment 6 License Agreement", en klik op Continue.
                  • De pagina zal herladen.
                  • Klik op de jre-6u4-windows-i586-p.exe link ONDER Windows Offline Installation en bewaar het naar je Bureaublad.
                  • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
                  • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
                  • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
                  • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
                  • Herhaal dit tot alle oudere versies verdwenen zijn.
                  • Na het verwijderen van alle oudere versies, herstart je pc.
                  • Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.


                  5. Herstart je computer en maak een nieuwe log van HijackThis. Post deze vervolgens in een nieuwe reactie.

                  Hoe gaat het met je problemen?

                  - Niek

                  Comment


                  • #10
                    Hallo Patsy,

                    Hoe is het nu met je problemen?

                    Dubbelklik Deljob.exe.
                    Een logje (logit.txt) zal openen.
                    Post de inhoud van logit.txt in je volgende bericht, tesamen met een nieuwe log van HijackThis.

                    - Niek
                    Spyware op je pc? Post een HijackThis log.
                    Houd je Java software up-to-date!


                    Comment

                    Sorry, you are not authorized to view this page
                    Working...
                    X