Mededeling

Collapse
No announcement yet.

vensters willen automatisch afsluiten

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    vensters willen automatisch afsluiten

    Hallo,

    normaal ben ik wel wat duidelijker in mijn titels, maar ik heb een beetje vreemd probleem en ik weet ook niet zeker of het een spyware probleem is.

    Het probleem ziet er, bijvoorbeeld, als volgt uit:

    op de PC heb ik het eerste seizoen van een televisie serie genaamd Heroes, deze map kan ik zonder problemen openen, maar zodra ik een aflevering selecteer dan wordt het volgende probleem van windows explorer weergeven:

    Windows Explorer has encounterd a problem and needs to close. Vervolgens het gebruikelijke verhaaltje of je het rapport wilt verzenden of niet.

    Als ik dit venster negeer kan ik gewoon mijn afleveringen bekijken, maar het is gewoon vervelend.

    Als ik don't send kies in het venster dan 'refreshed' het bureaublad.

    De PC draait op Windows XP Pro. Ad-Aware, Spybot Search and Destroy en AVG Antispyware heb ik al gedraaid, zonder succes.

    Hieronder volgt het Hijackthis logje:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:02, on 2008-02-29
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    I:\Anti\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    I:\Anti\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    I:\Downloads\utorrent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    I:\Anti\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "I:\Anti\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [OPENLOCKS] C:\DOCUME~1\Bob\APPLIC~1\gridsect\Corn bash.exe
    O4 - HKCU\..\Run: [µTorrent] "I:\Downloads\utorrent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135958123751
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/sites/errorsafe.com/www/pages/scanner/ErrorSafeNewReleaseInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Anti\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 8548 bytes
    Labels: Geen
    • Citaat
  • #2
    Start Hijackthis, kies voor 'Do a system scan only' en vink onderstaande regels aan:

    O4 - HKCU\..\Run: [OPENLOCKS] C:\DOCUME~1\Bob\APPLIC~1\gridsect\Corn bash.exe

    Sluit nu alle openstaande vensters, behalve Hijackthis en klik op Fix Checked.

    Download Deljob.exe (mirror) naar je Bureaublad.
    Indien je virusscanner de download van deljob.exe blokkeert,
    schakel dan tijdelijk je virusscanner uit of download de zip-versie deljob.zip en pak deze uit naar je Bureaublad.

    Dubbelklik op Deljob.exe.
    Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je Bureaublad.
    Post de inhoud van logit.txt in je volgende bericht samen met een nieuw Hijackhis logje.
    Groet,
    Pimmerd
    • Citaat

    Comment

    • #3
      bedankt voor je reactie Pimmerd. Hieronder volgt een nieuw Hijackthis logje en het logje van Deljob.

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:20, on 2008-03-08
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      I:\Anti\AVG Anti-Spyware 7.5\guard.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\VTTimer.exe
      C:\WINDOWS\system32\VTtrayp.exe
      C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
      C:\Program Files\VIA\RAID\raid_tool.exe
      C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
      C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      I:\Anti\AVG Anti-Spyware 7.5\avgas.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
      I:\Downloads\utorrent.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\TeamViewer3\TeamViewer.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\WINDOWS\system32\notepad.exe
      I:\Anti\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
      O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
      O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "I:\Anti\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
      O4 - HKCU\..\Run: [µTorrent] "I:\Downloads\utorrent.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - Global Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
      O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
      O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
      O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
      O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135958123751
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
      O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/sites/errorsafe.com/www/pages/scanner/ErrorSafeNewReleaseInstall.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Anti\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

      --
      End of file - 8623 bytes

      --------------------------------------------------------
      No LOP job-files found
      --------------------------------------------------------
      Files in Windows Tasks folder

      AppleSoftwareUpdate.job
      --------------------------------------------------------
      Export App Data folders
      --------------------------------------------------------
      Volume in drive C has no label.
      Volume Serial Number is 2433-7DED

      Directory of C:\Documents and Settings\Bob\Application Data

      2008-03-03 22:03 <DIR> .
      2008-03-03 22:03 <DIR> ..
      2006-04-02 08:20 <DIR> BITTOR~1 .BitTornado
      2007-12-18 20:44 <DIR> Adobe
      2006-03-26 21:27 <DIR> AdobeUM
      2007-11-21 16:24 <DIR> Ahead
      2007-08-22 15:58 <DIR> APPLEC~1 Apple Computer
      2007-03-25 15:00 <DIR> BITTOR~2 BitTorrent
      2007-08-07 23:03 <DIR> CYBERL~1 Cyberlink
      2007-08-07 23:18 <DIR> DivX
      2007-05-29 18:37 <DIR> Google
      2007-08-10 11:42 <DIR> gridsect
      2008-02-29 11:03 <DIR> Grisoft
      2006-07-22 00:13 <DIR> Help
      2007-06-09 17:59 <DIR> IDENTI~1 Identities
      2006-11-13 20:43 <DIR> INTERT~1 InterTrust
      2007-04-18 08:07 <DIR> Lavasoft
      2007-09-22 16:22 <DIR> LGSync
      2007-12-18 12:12 <DIR> LimeWire
      2006-01-03 20:18 <DIR> MACROM~1 Macromedia
      2006-01-06 21:41 <DIR> MEDIAP~1 Media Player Classic
      2006-11-30 22:47 <DIR> MICROG~1 Microgaming
      2007-08-08 22:56 <DIR> MICROS~1 Microsoft
      2006-01-03 20:04 <DIR> Mozilla
      2007-01-07 12:30 <DIR> PREVEN~1 Preventon
      2006-11-28 19:29 <DIR> Samsung
      2006-01-04 18:46 <DIR> SMARTP~1 Smart Panel
      2006-01-14 13:40 <DIR> Sun
      2006-01-03 20:05 <DIR> Talkback
      2008-02-28 18:28 <DIR> TEAMVI~1 TeamViewer
      2008-03-08 14:15 <DIR> uTorrent
      2006-12-02 18:23 <DIR> Wanadoo
      2007-06-09 17:59 <DIR> Zylom
      0 File(s) 0 bytes
      33 Dir(s) 4,593,807,360 bytes free
      Volume in drive C has no label.
      Volume Serial Number is 2433-7DED

      Directory of C:\Documents and Settings\All Users\Application Data

      2008-03-03 18:23 <DIR> .
      2008-03-03 18:23 <DIR> ..
      2005-12-30 19:41 <DIR> Adobe
      2007-04-23 07:24 <DIR> ANTIVI~1 AntiVir PersonalEdition classic
      2007-07-10 20:20 <DIR> Apple
      2007-08-07 23:04 <DIR> APPLEC~1 Apple Computer
      2007-08-07 16:35 <DIR> clp
      2005-12-30 19:23 <DIR> CYBERL~1 CyberLink
      2008-02-29 11:03 <DIR> Grisoft
      2006-11-13 21:08 <DIR> MICROS~1 Microsoft
      2006-12-01 21:37 <DIR> Orange
      2006-10-28 15:18 <DIR> SPYBOT~1 Spybot - Search & Destroy
      2007-04-22 19:08 <DIR> TEMP
      2006-01-04 18:36 <DIR> UDL
      2007-12-24 16:16 <DIR> WINDOW~1 Windows Genuine Advantage
      2008-03-03 18:23 <DIR> WLINST~1 WLInstaller
      2007-11-12 22:12 <DIR> Zylom
      0 File(s) 0 bytes
      17 Dir(s) 4,593,807,360 bytes free
      --------------------------------------------------------
      All User Accounts
      --------------------------------------------------------
      Administrator
      All Users
      Bob
      Ed
      Incomplete
      Patricia
      --------------------------------------------------------
      • Citaat

      Comment

      • #4
        Start Hijackthis, kies voor 'Do a system scan only' en vink onderstaande regels aan:

        O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
        O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
        O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
        O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
        O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
        O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe (file missing)

        Sluit nu alle openstaande vensters, behalve Hijackthis en klik op Fix Checked.

        Zorg ervoor dat verborgen mappen en bestanden worden weergeven
        Hoe verborgen mappen en bestanden weer te geven

        Verwijder onderstaande mappen:
        C:\Documents and Settings\Bob\Application Data\gridsect
        C:\Deljob

        Plaats een Hijackthis logje ter controle.
        Nog problemen?
        Groet,
        Pimmerd
        • Citaat

        Comment

        • #5
          Hey Pimmerd,

          ik heb helaas nog steeds het probleem.

          Hijackthis log:

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 17:06, on 2008-03-08
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16608)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
          C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
          C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          I:\Anti\AVG Anti-Spyware 7.5\guard.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\system32\VTTimer.exe
          C:\WINDOWS\system32\VTtrayp.exe
          C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
          C:\Program Files\VIA\RAID\raid_tool.exe
          C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
          C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
          I:\Anti\AVG Anti-Spyware 7.5\avgas.exe
          C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
          C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
          C:\Program Files\iTunes\iTunesHelper.exe
          C:\Program Files\Messenger\msmsgs.exe
          C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
          I:\Downloads\utorrent.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
          C:\Program Files\iPod\bin\iPodService.exe
          C:\Program Files\TeamViewer3\TeamViewer.exe
          C:\Program Files\Mozilla Firefox\firefox.exe
          I:\Anti\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
          O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
          O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
          O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
          O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
          O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [!AVG Anti-Spyware] "I:\Anti\AVG Anti-Spyware 7.5\avgas.exe" /minimized
          O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
          O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
          O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
          O4 - HKCU\..\Run: [µTorrent] "I:\Downloads\utorrent.exe"
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - Global Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
          O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
          O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
          O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
          O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135958123751
          O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
          O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
          O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/sites/errorsafe.com/www/pages/scanner/ErrorSafeNewReleaseInstall.cab
          O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
          O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
          O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
          O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
          O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Anti\AVG Anti-Spyware 7.5\guard.exe
          O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
          O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
          O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

          --
          End of file - 7775 bytes
          • Citaat

          Comment

          • #6
            in het toegevoegde Word document zit een printscreen van het probleem, misschien kan je er wat mee.
            Bijgevoegde Bestanden
            • Citaat

            Comment

            • #7
              Heb je het alleen in die map? Dat seisoen is gedownload of geript? Mogelijk is deze corrupt. Ik denk ook niet dat je probleem malware gerelateerd is, om zeker te zijn.

              Download MBAM (Malwarebytes' Anti-Malware) via hier of hier.
              • Dubbelklik op mbam-setup.exe om het programma te installeren.
                • Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
                • Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
                • Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
                • Het scannen kan een tijdje duren, dus wees geduldig.
                • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
                • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
                • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
                • De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
                • Kopieer en plak de inhoud van het logje in je volgend antwoord, samen met een nieuw HijackThis log.

                Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
                Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.
              Groet,
              Pimmerd
              • Citaat

              Comment

              • #8
                hallo Pimmerd,

                ik denk niet dat de files corrupted zijn aangezien ik dan moeilijkheden zal moeten hebben met afspelen. Zolang ik het venster, wat ik in mijn vorige bericht had bijgevoegd, niet afsluit kan ik de afleveringen afspelen en zal de desktop niet refreshed worden. Hieronder volgen de logjes:

                Malwarebytes' Anti-Malware 1.08
                Database version: 474

                Scan type: Quick Scan
                Objects scanned: 33807
                Time elapsed: 4 minute(s), 36 second(s)

                Memory Processes Infected: 0
                Memory Modules Infected: 0
                Registry Keys Infected: 1
                Registry Values Infected: 0
                Registry Data Items Infected: 0
                Folders Infected: 1
                Files Infected: 0

                Memory Processes Infected:
                (No malicious items detected)

                Memory Modules Infected:
                (No malicious items detected)

                Registry Keys Infected:
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

                Registry Values Infected:
                (No malicious items detected)

                Registry Data Items Infected:
                (No malicious items detected)

                Folders Infected:
                C:\Program Files\3wPlayer (Trojan.Downloader) -> Quarantined and deleted successfully.

                Files Infected:
                (No malicious items detected)

                Hijackthis                :

                Logfile of Trend Micro HijackThis v2.0.2
                Scan saved at 12:12, on 2008-03-10
                Platform: Windows XP SP2 (WinNT 5.01.2600)
                MSIE: Internet Explorer v7.00 (7.00.6000.16608)
                Boot mode: Normal

                Running processes:
                C:\WINDOWS\System32\smss.exe
                C:\WINDOWS\system32\winlogon.exe
                C:\WINDOWS\system32\services.exe
                C:\WINDOWS\system32\lsass.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\System32\svchost.exe
                C:\WINDOWS\system32\spoolsv.exe
                C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
                C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
                C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                I:\Anti\AVG Anti-Spyware 7.5\guard.exe
                C:\Program Files\Bonjour\mDNSResponder.exe
                C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\Explorer.EXE
                C:\WINDOWS\system32\VTTimer.exe
                C:\WINDOWS\system32\VTtrayp.exe
                C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
                C:\Program Files\VIA\RAID\raid_tool.exe
                C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
                C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
                C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                I:\Anti\AVG Anti-Spyware 7.5\avgas.exe
                C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
                C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
                C:\Program Files\iTunes\iTunesHelper.exe
                C:\Program Files\Messenger\msmsgs.exe
                C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
                I:\Downloads\utorrent.exe
                C:\WINDOWS\system32\ctfmon.exe
                C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
                C:\Program Files\iPod\bin\iPodService.exe
                C:\Program Files\Mozilla Firefox\firefox.exe
                I:\Anti\HijackThis.exe

                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
                O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
                O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
                O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
                O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
                O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
                O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
                O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                O4 - HKLM\..\Run: [!AVG Anti-Spyware] "I:\Anti\AVG Anti-Spyware 7.5\avgas.exe" /minimized
                O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
                O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T
                O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
                O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
                O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
                O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
                O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
                O4 - HKCU\..\Run: [µTorrent] "I:\Downloads\utorrent.exe"
                O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                O4 - Global Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
                O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
                O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
                O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
                O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135958123751
                O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
                O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
                O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
                O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
                O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
                O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
                O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Anti\AVG Anti-Spyware 7.5\guard.exe
                O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
                O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
                O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
                O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

                --
                End of file - 7574 bytes
                • Citaat

                Comment

                • #9
                  Je probleem is i.i.g. niet malware gerelateerd, je zou dit nog eens kunnen proberen.

                  Download DAFT naar je Bureaublad
                  • Dubbelklik op het groene daft.exe icoon.
                  • Lees de disclaimer en klik op OK.
                  • Klik op de Scan knop.
                  • Vink (indien foutieve associaties worden aangetroffen) alle weergegeven items aan.
                  • Klik op de Fix knop.
                  • Herhaal de scan en klik op "Save log".
                    Standaard wordt dit op je Bureaublad opgeslagen als daft.txt.
                  Post het resultaat in je volgende antwoord.
                  Groet,
                  Pimmerd
                  • Citaat

                  Comment

                  • #10
                    DAFT Log saved on 2008-03-10 14:33:38
                    -----------------------------------------------------------------------
                    All associations okay!
                    • Citaat

                    Comment

                    • #11
                      Je probleem ligt i.i.g. niet aan malware, indien je nog problemen hebt zou ik eens proberen in onze Windows sectie
                      Groet,
                      Pimmerd
                      • Citaat

                      Comment

                      • #12
                        Oke, dat zal ik doen. Ik wil je i.i.g. bedanken voor de moeite die je voor me gedaan hebt Pimmerd!
                        • Citaat

                        Comment

                        • #13
                          Graag gedaan hoor
                          Groet,
                          Pimmerd
                          • Citaat

                          Comment

                          Vorige template Volgende
                          Sorry, you are not authorized to view this page
                          Working...
                          X