Mededeling

Collapse
No announcement yet.

spyware?

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • spyware?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:36:35, on 18-3-2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Windows\sttray.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\conime.exe
    C:\Windows\explorer.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Ours\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: GNX Rolex - {5908DD9F-AB4F-4244-9799-435AD9B55220} - C:\Windows\drnpfdxqvm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: etlrlws - {8853C284-DF46-469C-837F-6C9FDC2A3029} - C:\Windows\etlrlws.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
    O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
    O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\AntiVirusScherm\bm.exe" dm=http://antivirusscherm.com ad=http://antivirusscherm.com sd=http://arettich.antivirusscherm.com
    O4 - HKLM\..\Run: [ptask] C:\Program Files\AntiVirusScherm\ptask.exe
    O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-6CTD4.exe" /REG
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-1058003888-2058908936-2565841550-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O13 - Gopher Prefix:
    O21 - SSODL: bokpkov - {262D2BB1-4E42-4640-8F24-ACFAA8C34203} - C:\Windows\bokpkov.dll
    O21 - SSODL: altvxvm - {034698CB-BC11-4810-B475-7C1321208877} - C:\Windows\altvxvm.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
    O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
    O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
    O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
    O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    --
    End of file - 7267 bytes

  • #2
    Open een kladblokbestand.
    Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

    @ECHO OFF
    IF EXIST log.txt DEL log.txt
    ren C:\Windows\drnpfdxqvm.dll drnpfdxqvm.bak
    ren C:\Windows\etlrlws.dll etlrlws.bak
    ren C:\Windows\bokpkov.dll bokpkov.bak
    ren C:\Windows\altvxvm.dll altvxvm.bak
    ren C:\WINDOWS\fmsxwqs.exe fmsxwqs.bak
    ECHO Deleting files>>log.txt
    FOR %%g in (
    C:\Windows\drnpfdxqvm.bak
    C:\Windows\etlrlws.bak
    C:\Windows\bokpkov.bak
    C:\Windows\altvxvm.bak
    C:\WINDOWS\fmsxwqs.bak
    C:\WINDOWS\fmsxwqs.exe
    C:\Windows\drnpfdxqvm.dll
    C:\Windows\etlrlws.dll
    C:\Windows\bokpkov.dll
    C:\Windows\altvxvm.dll) DO (
    IF EXIST %%g (
    ATTRIB -r -s -h %%g
    DEL %%g
    IF EXIST %%g (
    ECHO %%g not deleted>>log.txt
    ) ELSE (
    ECHO %%g deleted>>log.txt)
    ) ELSE (
    ECHO %%g not found>>log.txt))
    >>log.txt (
    ECHO.
    ECHO Deleting folders)
    FOR %%I in (
    C:\WINDOWS\privacy_danger
    "C:\Program Files\AntiVirusScherm") DO (
    IF EXIST %%I (
    RD /S /Q %%I
    IF EXIST %%I (
    ECHO %%I not deleted>>log.txt
    ) ELSE (
    ECHO %%I deleted>>log.txt)
    ) ELSE (
    ECHO %%I not found>>log.txt))
    START NOTEPAD.EXE log.txt

    Ga naar Bestand - Opslaan als.
    Bij "Opslaan in" kies je: Bureaublad
    Bij "Bestandsnaam" zet je: del.bat
    Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    Klik op de knop Opslaan.

    Dubbelklik op del.bat

    Herstart de computer.

    Dubbelklik nogmaals op del.bat en post de inhoud van de logfile die opent.

    Comment


    • #3
      Deleting files
      C:\Windows\drnpfdxqvm.bak not found
      C:\Windows\etlrlws.bak not found
      C:\Windows\bokpkov.bak not found
      C:\Windows\altvxvm.bak not found
      C:\WINDOWS\fmsxwqs.bak not found
      C:\WINDOWS\fmsxwqs.exe not found
      C:\Windows\drnpfdxqvm.dll not found
      C:\Windows\etlrlws.dll not found
      C:\Windows\bokpkov.dll not found
      C:\Windows\altvxvm.dll not found

      Deleting folders
      C:\WINDOWS\privacy_danger not found
      "C:\Program Files\AntiVirusScherm" not found

      Comment


      • #4
        Download Deckard's System Scanner naar je Bureaublad.
        • Sluit alle toepassingen en vensters.
        • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
        • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
        • Kopiëer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

        Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
        - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
        Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
        Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

        Comment


        • #5
          Deckard's System Scanner v20071014.68
          Extra logfile - please post this as an attachment with your post.
          --------------------------------------------------------------------------------

          -- System Information ----------------------------------------------------------

          Microsoft® Windows Vista™ Ultimate (build 6000)
          Architecture: X86; Language: Dutch

          CPU 0: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
          Percentage of Memory in Use: 33%
          Physical Memory (total/avail): 2028.96 MiB / 1342.7 MiB
          Pagefile Memory (total/avail): 4276.43 MiB / 3444.17 MiB
          Virtual Memory (total/avail): 2047.88 MiB / 1915.79 MiB

          C: is Fixed (NTFS) - 37.27 GiB total, 7.7 GiB free.
          D: is Fixed (NTFS) - 189.92 GiB total, 56.54 GiB free.
          E: is CDROM (CDFS)
          F: is CDROM (No Media)

          \\.\PHYSICALDRIVE1 - MAXTOR 6L040J2 ATA Device - 37.28 GiB - 1 partition
          \PARTITION0 (bootable) - Installable File System - 37.27 GiB - C:

          \\.\PHYSICALDRIVE0 - Maxtor 6V200E0 - 189.92 GiB - 1 partition
          \PARTITION0 - Installable File System - 189.92 GiB - D:



          -- Security Center -------------------------------------------------------------

          AUOptions is disabled.
          Windows Internal Firewall is enabled.

          AntiVirusDisableNotify is set.
          AntivirusOverride is set.

          AS: Spyware Doctor v5.5.0.204 (PC Tools) Disabled
          AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled Outdated

          [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]

          [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
          "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"


          -- Environment Variables -------------------------------------------------------

          ALLUSERSPROFILE=C:\ProgramData
          APPDATA=C:\Users\Ours\AppData\Roaming
          CommonProgramFiles=C:\Program Files\Common Files
          COMPUTERNAME=OURS-PC
          ComSpec=C:\Windows\system32\cmd.exe
          FP_NO_HOST_CHECK=NO
          HOMEDRIVE=C:
          HOMEPATH=\Users\Ours
          LOCALAPPDATA=C:\Users\Ours\AppData\Local
          LOGONSERVER=\\OURS-PC
          NUMBER_OF_PROCESSORS=2
          OS=Windows_NT
          Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Adobe\AGL
          PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
          PROCESSOR_ARCHITECTURE=x86
          PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
          PROCESSOR_LEVEL=6
          PROCESSOR_REVISION=0f0b
          ProgramData=C:\ProgramData
          ProgramFiles=C:\Program Files
          PROMPT=$P$G
          PUBLIC=C:\Users\Public
          SystemDrive=C:
          SystemRoot=C:\Windows
          TEMP=C:\Users\Ours\AppData\Local\Temp
          TMP=C:\Users\Ours\AppData\Local\Temp
          USERDOMAIN=Ours-PC
          USERNAME=Ours
          USERPROFILE=C:\Users\Ours
          windir=C:\Windows


          -- User Profiles ---------------------------------------------------------------

          Ours
          IUSR_NMPR
          natascha (new local, admin, net ready)


          -- Add/Remove Programs ---------------------------------------------------------

          --> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
          --> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9 /remove
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9
          --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 /remove
          Aangifte inkomstenbelasting 2007 --> C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2007\ib2007u.exe
          Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
          Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
          Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
          Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
          Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
          Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
          Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
          AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
          AusLogics Disk Defrag --> "C:\Program Files\AusLogics Disk Defrag\unins000.exe"
          BitTorrent 6.0 --> C:\Program Files\BitTorrent\uninst.exe
          BitTorrent DNA --> "C:\Users\Ours\Program Files\BitTorrent_DNA\dna.exe" /UNINSTALL
          Context Free --> "C:\Program Files\OzoneSoft\ContextFree\uninst-contextfree.exe"
          Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
          DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
          Dolby Control Center Link --> MsiExec.exe /I{DCAF959E-BE84-4E56-91B1-3E962AED5BF4}
          EVE-ONLINE (remove only) --> D:\Games\CCP\EVE\Uninstall.exe
          EVEMon --> C:\Program Files\games\EVEMon\uninstall.exe
          Free Registry Cleaner for Vista 1.0 --> "C:\Program Files\Free Registry Cleaner for Vista\unins000.exe"
          Guild Wars --> "C:\Program Files\Games\Guild Wars\Gw.exe" -uninstall
          HijackThis 2.0.2 --> "C:\Users\Ours\AppData\Local\Temp\Temp1_HiJackThis[1].zip\HijackThis.exe" /uninstall
          Intel(R) IPP Run-Time Installer 5.3 Update 1 for Windows* on IA-32 --> MsiExec.exe /X{C21C30F2-521C-4F86-882E-60CDCE615FBD}
          Intel(R) Management Engine Interface --> C:\Windows\system32\heciudlg.exe -uninstall
          Intel(R) Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe
          Intel(R) PRO Network Connections 12.1.12.0 --> MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
          Intel(R) PRO Network Connections 12.1.12.0 --> MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
          Intel® Viiv™ software --> MsiExec.exe /X{0DAA5653-60D4-44C1-AD10-EC7D4FA4D820} /qb!
          Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
          Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
          Macromedia Dreamweaver MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall
          Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
          Macromedia Fireworks MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{930B2432-43D4-11D5-9871-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
          Macromedia Flash MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x9 UNINSTALL
          Macromedia FreeHand 10 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D826618-59C6-11D4-976E-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
          Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
          Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
          Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
          Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
          Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
          Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
          Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
          Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
          Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
          Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
          Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
          Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
          Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
          Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
          Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
          Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
          Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
          Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
          Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
          Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
          Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
          Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
          Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
          MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
          MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
          MSXML 4.0 SP2 Parser and SDK --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
          NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
          PunkBuster Services --> C:\Windows\system32\pbsvc.exe -u
          SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x13 -remove -removeonly
          Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
          Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
          System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
          TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
          TopStyle Lite (Version 3.0) --> C:\Windows\unlite3.exe "C:\Program Files\Bradbury\TopStyle3\"
          Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
          VideoLAN VLC media player 0.8.5 --> C:\Program Files\VideoLAN\VLC\uninstall.exe
          VirtualCloneDrive --> "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
          WiLife Command Center 2.5 --> C:\Program Files\InstallShield Installation Information\{49143692-9C1E-4D35-8A82-9BE0378846CB}\setup.exe -runfromtemp -l0x0009 -removeonly
          WiLifeUSBDriver --> MsiExec.exe /X{B625C98E-8813-46F6-8855-2070126D5CF3}
          Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
          Winbond Desktop SI/O with Consumer IR support --> MsiExec.exe /I{0D070C11-C7D6-4031-BC3D-D68650D63283}
          Windows Live aanmeldhulp --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
          Windows Live installer --> MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
          Windows Live Messenger --> MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
          Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
          Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
          WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
          World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe


          -- Application Event Log -------------------------------------------------------

          Event Record #/Type25282 / Success
          Event Submitted/Written: 03/19/2008 06:43:18 PM
          Event ID/Source: 12001 / usnjsvc
          Event Description:
          The Messenger Sharing USN Journal Reader service started successfully.

          Event Record #/Type25279 / Error
          Event Submitted/Written: 03/19/2008 06:41:40 PM
          Event ID/Source: 1000 / Application Error
          Event Description:
          Faulting application msnmsgr.exe, version 8.5.1302.1018, time stamp 0x4717a53b, faulting module smumhook.dll_unloaded, version 0.0.0.0, time stamp 0x2a425e19, exception code 0xc0000005, fault offset 0x636f2572,
          process id 0xa80, application start time 0xmsnmsgr.exe0.

          Event Record #/Type25277 / Error
          Event Submitted/Written: 03/19/2008 06:41:37 PM
          Event ID/Source: 1000 / Application Error
          Event Description:
          Faulting application AlertService.exe, version 1.7.261.0, time stamp 0x4611d1c3, faulting module kernel32.dll, version 6.0.6000.16386, time stamp 0x4549bd80, exception code 0xc0000005, fault offset 0x0004737d,
          process id 0xb58, application start time 0xAlertService.exe0.

          Event Record #/Type25274 / Error
          Event Submitted/Written: 03/19/2008 06:41:33 PM
          Event ID/Source: 1000 / Application Error
          Event Description:
          Faulting application msnmsgr.exe, version 8.5.1302.1018, time stamp 0x4717a53b, faulting module smumhook.dll_unloaded, version 0.0.0.0, time stamp 0x2a425e19, exception code 0xc0000005, fault offset 0x636f257e,
          process id 0xa80, application start time 0xmsnmsgr.exe0.

          Event Record #/Type25272 / Error
          Event Submitted/Written: 03/19/2008 06:41:27 PM
          Event ID/Source: 1000 / Application Error
          Event Description:
          Faulting application AlertService.exe, version 1.7.261.0, time stamp 0x4611d1c3, faulting module kernel32.dll, version 6.0.6000.16386, time stamp 0x4549bd80, exception code 0xc0000005, fault offset 0x0004737d,
          process id 0x238, application start time 0xAlertService.exe0.



          -- Security Event Log ----------------------------------------------------------

          No Errors/Warnings found.


          -- System Event Log ------------------------------------------------------------

          Event Record #/Type45074 / Error
          Event Submitted/Written: 03/19/2008 06:41:41 PM
          Event ID/Source: 7034 / Service Control Manager
          Event Description:
          Intel(R) Alert Service2

          Event Record #/Type45065 / Error
          Event Submitted/Written: 03/19/2008 06:41:41 PM
          Event ID/Source: 7034 / Service Control Manager
          Event Description:
          Intel(R) Alert Service1

          Event Record #/Type44986 / Warning
          Event Submitted/Written: 03/19/2008 06:41:13 PM
          Event ID/Source: 2511 / Server
          Event Description:
          The server service was unable to recreate the share - The Zodiac (2007) because the directory D:\LAN\- The Zodiac (2007) no longer exists. Please run "net share - The Zodiac (2007) /delete" to delete the share, or recreate the directory D:\LAN\- The Zodiac (2007).

          Event Record #/Type44943 / Error
          Event Submitted/Written: 03/19/2008 06:28:40 PM
          Event ID/Source: 1002 / Dhcp
          Event Description:
          The IP address lease 192.168.1.100 for the Network Card with network address 0019D1B1B2AA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

          Event Record #/Type44942 / Warning
          Event Submitted/Written: 03/19/2008 06:28:40 PM
          Event ID/Source: 1003 / Dhcp
          Event Description:
          Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0019D1B1B2AA. The following error occurred:
          %%2163146757. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.



          -- End of Deckard's System Scanner: finished at 2008-03-19 18:48:55 ------------

          Comment


          • #6
            Post ook even main.txt(dat is het logje van Deckard's System Scanner

            Comment


            • #7
              *kuch* logje ?

              Volgens mij was dat main.txt. Ik heb het opnieuw gescanned en dit is nu van main.txt:

              Deckard's System Scanner v20071014.68
              Run by Ours on 2008-03-19 19:47:44
              Computer is in Normal Mode.
              --------------------------------------------------------------------------------



              -- HijackThis (run as Ours.exe) ------------------------------------------------

              Logfile of Trend Micro HijackThis v2.0.2
              Scan saved at 19:47:46, on 19-3-2008
              Platform: Windows Vista (WinNT 6.00.1904)
              MSIE: Internet Explorer v7.00 (7.00.6000.16575)
              Boot mode: Normal

              Running processes:
              C:\Windows\system32\taskeng.exe
              C:\Windows\system32\Dwm.exe
              C:\Windows\Explorer.EXE
              C:\Program Files\Windows Defender\MSASCui.exe
              C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
              C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
              C:\Windows\sttray.exe
              C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
              C:\Windows\System32\rundll32.exe
              C:\Windows\System32\rundll32.exe
              C:\Windows\ehome\ehtray.exe
              C:\Program Files\Windows Media Player\wmpnscfg.exe
              C:\Windows\System32\rundll32.exe
              C:\Windows\ehome\ehmsas.exe
              C:\Windows\system32\wbem\unsecapp.exe
              C:\Program Files\Internet Explorer\IEUser.exe
              C:\Windows\system32\conime.exe
              C:\Program Files\Windows Live\Messenger\msnmsgr.exe
              C:\Users\Ours\Desktop\dss.exe
              C:\Windows\system32\SearchFilterHost.exe
              C:\Users\Ours\Desktop\Ours.exe

              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
              R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
              R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
              O1 - Hosts: ::1 localhost
              O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
              O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
              O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              O3 - Toolbar: etlrlws - {8853C284-DF46-469C-837F-6C9FDC2A3029} - C:\Windows\etlrlws.dll (file missing)
              O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
              O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
              O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
              O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
              O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
              O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
              O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
              O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
              O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
              O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\AntiVirusScherm\bm.exe" dm=http://antivirusscherm.com ad=http://antivirusscherm.com sd=http://arettich.antivirusscherm.com
              O4 - HKLM\..\Run: [ptask] C:\Program Files\AntiVirusScherm\ptask.exe
              O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
              O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
              O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
              O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
              O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
              O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
              O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
              O4 - HKUS\S-1-5-21-1058003888-2058908936-2565841550-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
              O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
              O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
              O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
              O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
              O13 - Gopher Prefix:
              O21 - SSODL: bokpkov - {262D2BB1-4E42-4640-8F24-ACFAA8C34203} - C:\Windows\bokpkov.dll (file missing)
              O21 - SSODL: altvxvm - {034698CB-BC11-4810-B475-7C1321208877} - C:\Windows\altvxvm.dll (file missing)
              O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
              O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
              O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
              O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
              O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
              O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
              O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
              O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
              O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
              O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
              O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
              O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
              O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
              O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
              O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

              --
              End of file - 7497 bytes

              -- Files created between 2008-02-19 and 2008-03-19 -----------------------------

              2008-03-19 18:29:38 0 dr------- C:\Users\natascha\Searches
              2008-03-19 18:29:22 0 dr------- C:\Users\natascha\Contacts
              2008-03-19 18:29:15 0 d--hs---- C:\Users\natascha\Sjablonen
              2008-03-19 18:29:15 0 d--hs---- C:\Users\natascha\Menu Start
              2008-03-19 18:29:15 0 d--hs---- C:\Users\natascha\Local Settings
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\SendTo
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\Recent
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\Netwerkprinteromgeving
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\NetHood
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\Mijn documenten
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\Cookies
              2008-03-19 18:29:14 0 d--hs---- C:\Users\natascha\Application Data
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Videos
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Saved Games
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Pictures
              2008-03-19 18:29:13 786432 --ahs---- C:\Users\natascha\NTUSER.DAT
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Music
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Links
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Favorites
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Downloads
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Documents
              2008-03-19 18:29:13 0 dr------- C:\Users\natascha\Desktop
              2008-03-19 18:29:13 0 d--h----- C:\Users\natascha\AppData
              2008-03-18 22:21:52 0 d-------- C:\Program Files\Enigma Software Group
              2008-03-18 18:23:09 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
              2008-03-18 18:22:59 0 d-------- C:\Program Files\Windows Live
              2008-03-18 18:22:41 0 d-------- C:\Users\All Users\WLInstaller
              2008-03-18 16:14:08 0 d-------- C:\Program Files\Spyware Doctor
              2008-03-18 14:46:07 0 d-a------ C:\Users\All Users\TEMP
              2008-03-18 08:52:34 0 d-------- C:\Users\All Users\Lavasoft
              2008-03-18 08:52:34 0 d-------- C:\Program Files\Lavasoft
              2008-03-18 02:19:41 0 d-------- C:\Users\Ours\.housecall6.6
              2008-03-18 02:11:10 0 dr------- C:\Users\Public\Application Data
              2008-03-18 02:11:10 0 dr------- C:\Users\Public\Application Data\SalesMon
              2008-03-18 02:11:06 0 d-------- C:\Program Files\Common Files\AntiVirusScherm
              2008-03-17 18:51:35 0 d-------- C:\Windows\RegisteredPackages
              2008-03-17 18:51:33 0 d--h----- C:\Windows\msdownld.tmp
              2008-03-17 18:51:26 0 d-------- C:\Program Files\Windows Media Components
              2008-03-17 18:49:59 0 d-------- C:\Program Files\WiLife Command Center
              2008-03-17 18:49:27 0 d-------- C:\Users\All Users\WiLife
              2008-03-02 19:38:29 0 d-------- C:\Program Files\Belastingdienst


              -- Find3M Report ---------------------------------------------------------------

              2008-03-18 22:36:50 0 d-------- C:\Program Files\Google
              2008-03-18 18:23:09 0 d-------- C:\Program Files\Common Files
              2008-03-18 16:14:08 0 d-------- C:\Users\Ours\AppData\Roaming\PC Tools
              2008-03-18 16:09:38 0 d-------- C:\Users\Ours\AppData\Roaming\BitTorrent
              2008-03-18 14:59:40 0 d-------- C:\Users\Ours\AppData\Roaming\Google
              2008-03-18 14:49:28 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
              2008-03-18 14:47:34 15222 --a------ C:\Windows\system32\perfh013.dat
              2008-03-18 14:47:34 5028 --a------ C:\Windows\system32\perfc013.dat
              2008-03-18 08:36:18 249360 --a------ C:\Users\Ours\AppData\Roaming\install_nl[1].exe <Not Verified; Magic Gloves Lab; Magic Installer>
              2008-03-17 18:52:20 0 d--h----- C:\Program Files\InstallShield Installation Information
              2008-03-09 10:58:47 0 d-------- C:\Program Files\Java
              2008-03-07 15:17:27 0 d-------- C:\Users\Ours\AppData\Roaming\Beyond
              2008-03-06 21:58:46 0 d-------- C:\Users\Ours\AppData\Roaming\EVEMon
              2008-02-21 11:33:06 0 d-------- C:\Program Files\AruaROSE
              2008-02-18 21:41:46 0 d-------- C:\Users\Ours\AppData\Roaming\Ventrilo
              2008-02-18 21:34:59 0 d-------- C:\Program Files\Ventrilo
              2008-02-14 00:53:17 0 d-------- C:\Program Files\Creative
              2008-02-14 00:51:49 409600 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
              2008-02-14 00:51:49 114688 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
              2008-02-09 00:18:30 0 d-------- C:\Users\Ours\AppData\Roaming\Adobe
              2008-02-06 09:20:19 0 d-------- C:\Users\Ours\AppData\Roaming\Winamp
              2008-02-05 22:21:09 0 d-------- C:\Program Files\Winamp
              2008-02-05 22:16:37 0 d-------- C:\Program Files\DFX
              2008-02-04 19:03:42 174 --a------ C:\nvidia.bat
              2008-02-04 18:32:44 0 d-------- C:\Program Files\SystemRequirementsLab
              2008-01-24 00:12:09 0 d-------- C:\Program Files\Teamspeak2_RC2
              2008-01-20 19:17:08 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment


              -- Registry Dump ---------------------------------------------------------------

              *Note* empty entries & legit default entries are not shown


              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [24-10-2007 15:44]
              "NMSSupport"="C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [06-04-2007 13:07]
              "CCUTRAYICON"="C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [06-04-2007 13:11]
              "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22-02-2008 04:25]
              "SigmatelSysTrayApp"="sttray.exe" [08-06-2007 03:56 C:\Windows\sttray.exe]
              "VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [29-04-2006 14:21]
              "NvSvc"="C:\Windows\system32\nvsvc.dll" [11-12-2007 17:06]
              "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [11-12-2007 17:06]
              "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [11-12-2007 17:06]
              "P17RunE"="P17RunE.dll" [09-04-2007 09:40 C:\Windows\System32\P17RunE.dll]
              "bm"="C:\Program Files\Common Files\AntiVirusScherm\bm.exe"
              "ptask"="C:\Program Files\AntiVirusScherm\ptask.exe"

              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [02-11-2006 13:33]
              "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02-11-2006 13:34]
              "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02-11-2006 13:33]
              "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18-10-2007 11:34]

              C:\Users\Ours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
              Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16-3-2005 19:16:50]

              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
              "ConsentPromptBehaviorAdmin"=2 (0x2)

              [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
              "DisableTaskMgr"=1 (0x1)

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
              "bokpkov"= {262D2BB1-4E42-4640-8F24-ACFAA8C34203} - C:\Windows\bokpkov.dll [ ]
              "altvxvm"= {034698CB-BC11-4810-B475-7C1321208877} - C:\Windows\altvxvm.dll [ ]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
              @="Driver"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
              @="Driver"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
              @="Volume shadow copy"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
              @="IEEE 1394 Bus host controllers"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
              @="SBP2 IEEE 1394 Devices"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
              @="SecurityDevices"

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
              "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TotalRecorderScheduler]
              "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"


              [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fc397c4-8223-11dc-8fca-806e6f6e6963}]
              AutoRun\command- E:\autorun.exe


              [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
              C:\Windows\system32\unregmp2.exe /ShowWMP

              [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
              %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



              -- End of Deckard's System Scanner: finished at 2008-03-19 19:48:15 ------------

              Comment


              • #8
                Verwijder dit bestand:
                C:\Users\Ours\AppData\Roaming\install_nl[1].exe

                Maak dan je prullenbak leeg.

                Rechtsklik Hijackthis.exe en kies voor "Run as Administrator"
                Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regels:
                O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
                O3 - Toolbar: etlrlws - {8853C284-DF46-469C-837F-6C9FDC2A3029} - C:\Windows\etlrlws.dll (file missing)
                O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\AntiVirusScherm\bm.exe" dm=http://antivirusscherm.com ad=http://antivirusscherm.com sd=http://arettich.antivirusscherm.com
                O4 - HKLM\..\Run: [ptask] C:\Program Files\AntiVirusScherm\ptask.exe
                O21 - SSODL: bokpkov - {262D2BB1-4E42-4640-8F24-ACFAA8C34203} - C:\Windows\bokpkov.dll (file missing)
                O21 - SSODL: altvxvm - {034698CB-BC11-4810-B475-7C1321208877} - C:\Windows\altvxvm.dll (file missing)

                Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

                Herstart je computer.

                Post na de herstart een nieuw logje van Hijackthis en vertel of je nog problemen ondervindt

                Comment


                • #9
                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 1:40:20, on 20-3-2008
                  Platform: Windows Vista (WinNT 6.00.1904)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16575)
                  Boot mode: Normal

                  Running processes:
                  C:\Windows\system32\taskeng.exe
                  C:\Windows\system32\Dwm.exe
                  C:\Windows\Explorer.EXE
                  C:\Program Files\Windows Defender\MSASCui.exe
                  C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
                  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
                  C:\Windows\sttray.exe
                  C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
                  C:\Windows\System32\rundll32.exe
                  C:\Windows\System32\rundll32.exe
                  C:\Program Files\Windows Sidebar\sidebar.exe
                  C:\Windows\ehome\ehtray.exe
                  C:\Program Files\Windows Media Player\wmpnscfg.exe
                  C:\Windows\System32\rundll32.exe
                  C:\Windows\ehome\ehmsas.exe
                  C:\Program Files\Windows Live\Messenger\msnmsgr.exe
                  C:\Program Files\Windows Sidebar\sidebar.exe
                  C:\Windows\system32\wbem\unsecapp.exe
                  C:\Windows\system32\SearchProtocolHost.exe
                  C:\Program Files\Internet Explorer\IEUser.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                  C:\Users\Ours\Desktop\HijackThis.exe

                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                  O1 - Hosts: ::1 localhost
                  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
                  O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
                  O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
                  O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
                  O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
                  O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
                  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
                  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
                  O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
                  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
                  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
                  O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
                  O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
                  O13 - Gopher Prefix:
                  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
                  O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
                  O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
                  O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
                  O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
                  O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
                  O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
                  O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
                  O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
                  O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
                  O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
                  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
                  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
                  O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
                  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

                  --
                  End of file - 6529 bytes


                  ziet er goed uit
                  geen sporen van spyware of malware.
                  Ik krijg nog wel een melding van alert @ service maar ik vermoed dat het een andere oorzaak heeft

                  Comment


                  • #10
                    Logje ziet er schoon uit

                    Wat voor melding krijg je precies?

                    Comment


                    • #11


                      effe kijken of image verschijnt .. zo ja dan is dit de melding die ik blijf terugkrijgen wat ik ook doe

                      Comment


                      • #12
                        Misschien dat dit werkt:

                        Open een klablokbestand.
                        Kopieer onderstaande code in dit kladblokbestand.
                        Ga naar Bestand - Opslaan als.
                        Bij "Opslaan in" kies je: Bureaublad
                        Bij "Bestandsnaam" zet je: del.bat
                        Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
                        Klik op de knop Opslaan.
                        Code:
                        sc stop AlertService
                        sc config AlertService start= disabled
                        Dubbelklik daarna op del.bat

                        Herstart je computer.

                        Post een nieuw logje ter controle

                        Comment


                        • #13
                          Het blijft nog steeds terug komen

                          Comment


                          • #14
                            Probleem is niet malwaregerelateerd.
                            Stel je vraag in de volgende sectie:


                            Misschien dat daar iemand de oplossing weet

                            Comment


                            • #15
                              Dank!

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X