Mededeling

Collapse
No announcement yet.

CiD reclame wegkrijgen

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • CiD reclame wegkrijgen

    Ik hoop dat iemand kan helpen want ik word echt doodziek van ongewenste CiD reclame. Heb alle spyware-progjes er al op los gelaten, maar helaas.....Ondanks dat ik niet veel computer ervaring heb is het me gelukt om een hijackthis verslag te maken. Hieronder komt deze:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:33:08, on 27-3-2008
    Platform: Unknown Windows (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\KPN\bin\sprtcmd.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Joki\AppData\Local\Temp\Temp1_hijackthis[1].zip\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [toolbar_eula_launcher] "C:\Program Files\GoogleEULA\EULALauncher.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [first readme] "C:\ProgramData\Send active active.j9q02tx"
    O4 - HKCU\..\Run: [blue delete title meow] "C:\ProgramData\Corn Thunk Lite.21ahm"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O13 - Gopher Prefix:
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - Unknown owner - C:\Program Files\KPN\bin\sprtsvc.exe" /service /p KPN (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

    Groet, Floor

  • #2
    Installeer hijackthis.exe bijv. in C:\Program Files\Hijackthis
    Dit in verband met de backups die dit programma maakt.

    Start HijackThis

    Klik op "Open the Misc Tools section".
    Klik nu op "Open Uninstall Manager"
    Daarna klik je aan de rechterkant op "Save list..."
    Sla het bestand op en post daarna de inhoud van het kladblokbestand dat verschijnt.
    Last edited by Steggel; 28-03-08, 17:57.

    Comment


    • #3
      Hier komt het:
      Ad-Aware 2007
      Adobe Flash Player ActiveX
      Adobe Reader 8.1.2 - Nederlands
      ADSL Support Wizard
      Apple Mobile Device Support
      Apple Software Update
      ArcSoft Panorama Maker 3.0
      AVG Anti-Spyware 7.5
      Camera Suite
      CCleaner (remove only)
      ClearSkinFX for Digital Cameras
      Google Desktop
      Google Earth
      Google Toolbar for Internet Explorer
      Google Toolbar for Internet Explorer
      Google Updater
      HijackThis 2.0.2
      Intel(R) Graphics Media Accelerator Driver
      iTunes
      J2SE Runtime Environment 5.0 Update 10
      Java(TM) 6 Update 3
      Java(TM) 6 Update 5
      Microsoft Office 2000 SR-1 Standard
      Microsoft Visual C++ 2005 Redistributable
      Mozilla Firefox (2.0.0.13)
      Mozilla Thunderbird (2.0.0.12)
      Nero 7 Essentials
      Nikon View 6
      NOD32 Antivirus System
      QuickTime
      Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
      Realtek High Definition Audio Driver
      Spybot - Search & Destroy 1.4
      Synaptics Pointing Device Driver
      Update Manager
      WordPerfect Office X3

      Comment


      • #4
        Ik kan geen boosdoener vinden in het lijstje van geinstalleerde software.

        Klik met de rechtermuis op het programma Hijackthis en kies voor "Uitvoeren als Administrator"
        Kies voor 'Do a system scan only'
        Selecteer alleen de items die hieronder zijn genoemd:

        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        O4 - HKCU\..\Run: [first readme] "C:\ProgramData\Send active active.j9q02tx"
        O4 - HKCU\..\Run: [blue delete title meow] "C:\ProgramData\Corn Thunk Lite.21ahm"

        Klik op 'Fix checked' om de items te verwijderen.

        Sluit hijackthis.

        Open de verkenner ("Deze Computer") en kies Extra -> Mapopties...
        Controleer onder Weergave de volgende instellingen:

        Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen)
        Uitzetten: Extensies voor bekende bestandstypen verbergen

        Selecteer: Verborgen bestanden en mappen weergeven

        Druk daarna op Toepassen gevolgd door Ok.

        Verwijder de volgende bestanden:
        C:\ProgramData\Send active active.j9q02tx
        C:\ProgramData\Corn Thunk Lite.21ahm

        Post ter controle een nieuw log van Hijackthis.

        Comment


        • #5
          Hoi Steggel,
          Ik heb alles gedaan wat je schreef, behalve:

          Open de verkenner ("Deze Computer") en kies Extra -> Mapopties...
          Controleer onder Weergave de volgende instellingen:

          Uitzetten: Beveiligde besturingssysteembestandenverbergen (aanbevolen)

          Hier kreeg ik de volgende melding en durfde niet door te gaan Deze bestanden zijn nodig om windows te starten en kunnen uitvoeren. Als u deze bestanden verwijderd of bewerkt, werkt uw computer mogelijk niet meer. Weet u zeker dat u deze bestanden wilt weergeven?
          Heb dus maar op "nee"geklikt.....

          Het volgende hijackThis bestand:




          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 18:16:13, on 28-3-2008
          Platform: Windows Vista (WinNT 6.00.1904)
          MSIE: Internet Explorer v7.00 (7.00.6000.16609)
          Boot mode: Normal

          Running processes:
          C:\Windows\system32\Dwm.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\Explorer.EXE
          C:\Program Files\Windows Defender\MSASCui.exe
          C:\Windows\RtHDVCpl.exe
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\Windows\System32\igfxtray.exe
          C:\Windows\System32\hkcmd.exe
          C:\Windows\System32\igfxpers.exe
          C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
          C:\Program Files\iTunes\iTunesHelper.exe
          C:\Program Files\KPN\bin\sprtcmd.exe
          C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
          C:\Program Files\Windows Sidebar\sidebar.exe
          C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
          C:\Program Files\Google\Google Updater\GoogleUpdater.exe
          C:\Program Files\Nikon\NkView6\NkvMon.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
          C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
          C:\Program Files\Windows Sidebar\sidebar.exe
          C:\Program Files\Eset\nod32kui.exe
          C:\Windows\system32\wbem\unsecapp.exe
          C:\Program Files\Internet Explorer\ieuser.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          O1 - Hosts: ::1 localhost
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
          O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
          O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
          O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
          O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
          O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
          O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
          O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
          O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
          O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
          O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
          O4 - HKLM\..\Run: [toolbar_eula_launcher] "C:\Program Files\GoogleEULA\EULALauncher.exe"
          O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
          O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
          O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [first readme] "C:\ProgramData\Send active active.jscu7"
          O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
          O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
          O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
          O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O13 - Gopher Prefix:
          O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx
          O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
          O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
          O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
          O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
          O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
          O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
          O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
          O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe
          O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

          --
          End of file - 7769 bytes

          Comment


          • #6
            Schakel tijdelijk Windows Defender uit
            Want deze kan voor stoorzender spelen bij het fixen met HJT (de fix terug ongedaan maken)
            * Open Windows Defender > Klik Tools
            * Klik "General Settings"
            * Scroll naar "Real Time Protection Options"
            * Haal het vinkje weg bij "Turn on Real Time Protection (recommended)" > Klik "Save"
            * Sluit Windows Defender
            (als de problemen over zijn, logje weer schoon verklaard is, kan je 'm weer aanzetten)

            Klik met de rechtermuis op het programma Hijackthis en kies voor "Uitvoeren als Administrator"
            Kies voor 'Do a system scan only'
            Selecteer alleen de items die hieronder zijn genoemd:

            O4 - HKCU\..\Run: [first readme] "C:\ProgramData\Send active active.jscu7"

            Klik op 'Fix checked' om de items te verwijderen.

            Lukt het wel om de bestanden te verwijderen met de verkenner?

            C:\ProgramData\Send active active.j9q02tx
            C:\ProgramData\Send active active.jscu7
            C:\ProgramData\Corn Thunk Lite.21ahm

            Comment


            • #7
              Ja, het is wel gelukt om bestanden te verwijderen via verkenner.
              Heb verder alles gedaan zoals je hebt omschreven.
              Helaas gaan de reclames gewoon door......
              Herinner me opeens dat ik gisteren ook een scan heb laten doen door spyware docter. Volgens deze was er sprake van een trojan-downloader.agent.DUJ. Maar omdat ik vervolgens moest betalen om deze te laten verwijderen, vertrouwde ik het niet helemaal.
              Wel fijn dat je me helpt, ik leer er ook nog eens wat van, groet, Floor

              Comment


              • #8
                post nog eens een nieuw log van hijackthis.

                Comment


                • #9
                  hier komt ie......(durf niet te vroeg te juichen, maar ik heb al een minuut of 5 geen reclame gezien......)

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 19:32:39, on 28-3-2008
                  Platform: Windows Vista (WinNT 6.00.1904)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16609)
                  Boot mode: Normal

                  Running processes:
                  C:\Windows\system32\Dwm.exe
                  C:\Windows\system32\taskeng.exe
                  C:\Windows\Explorer.EXE
                  C:\Program Files\Windows Defender\MSASCui.exe
                  C:\Windows\RtHDVCpl.exe
                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  C:\Windows\System32\igfxtray.exe
                  C:\Windows\System32\hkcmd.exe
                  C:\Windows\System32\igfxpers.exe
                  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
                  C:\Program Files\iTunes\iTunesHelper.exe
                  C:\Program Files\KPN\bin\sprtcmd.exe
                  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
                  C:\Program Files\Windows Sidebar\sidebar.exe
                  C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
                  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                  C:\Program Files\Nikon\NkView6\NkvMon.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
                  C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
                  C:\Program Files\Windows Sidebar\sidebar.exe
                  C:\Program Files\Eset\nod32kui.exe
                  C:\Windows\system32\wbem\unsecapp.exe
                  C:\Program Files\Internet Explorer\ieuser.exe
                  C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Users\Joki\AppData\Local\Zylom Games\Bookworm Deluxe\Bookworm.exe
                  C:\Users\Joki\AppData\Local\Zylom Games\Bookworm Deluxe\Bookworm.dll
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  O1 - Hosts: ::1 localhost
                  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                  O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
                  O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
                  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                  O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
                  O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
                  O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
                  O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
                  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
                  O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
                  O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
                  O4 - HKLM\..\Run: [toolbar_eula_launcher] "C:\Program Files\GoogleEULA\EULALauncher.exe"
                  O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
                  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
                  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                  O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
                  O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
                  O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
                  O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
                  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  O4 - HKCU\..\Run: [first readme] "C:\ProgramData\Send active active.oynm3"
                  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                  O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
                  O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O13 - Gopher Prefix:
                  O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx
                  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
                  O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
                  O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
                  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                  O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                  O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
                  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                  O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
                  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
                  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
                  O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe
                  O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

                  --
                  End of file - 7968 bytes

                  Comment


                  • #10
                    Toch te vroeg gejuigd.......

                    Comment


                    • #11
                      "first readme" komt steeds terug met een ander bestand.

                      Maar eens iets anders proberen.

                      Volg de instructies zoals beschreven op de volgende pagina: hoe-dient-combofix-gebruikt-te-worden

                      Gebruik je Vista, dan hoeft de Recovery Console niet te worden geinstalleerd.
                      Is er iets niet duidelijk, dan vraag je het.
                      Als het tooltje klaar is, opent er een logfile (C:\combofix.txt).
                      Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

                      Comment


                      • #12
                        Hier de combofix resultaten:

                        ComboFix 08-03-27.1 - Joki 2008-03-28 20:39:18.1 - NTFSx86
                        Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.309 [GMT 1:00]
                        Gestart vanuit: C:\Users\Joki\Desktop\ComboFix.exe
                        * Nieuw herstelpunt werd aangemaakt
                        * Resident AV is active

                        .

                        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                        .

                        D:\Autorun.inf

                        .
                        (((((((((((((((((((( Bestanden Gemaakt van 2008-02-28 to 2008-03-28 ))))))))))))))))))))))))))))))
                        .

                        2008-03-28 16:30 . 2008-03-28 16:30 <DIR> d-------- C:\Program Files\Trend Micro
                        2008-03-28 14:55 . 2008-03-28 14:55 <DIR> d-------- C:\Users\Joki\AppData\Roaming\Grisoft
                        2008-03-28 14:55 . 2008-03-28 14:55 <DIR> d-------- C:\Users\All Users\Grisoft
                        2008-03-28 14:55 . 2008-03-28 14:55 <DIR> d-------- C:\ProgramData\Grisoft
                        2008-03-28 14:55 . 2007-05-30 13:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
                        2008-03-27 19:51 . 2008-03-27 19:51 0 --ah----- C:\ProgramData.LOG2
                        2008-03-27 19:51 . 2008-03-27 19:51 0 --ah----- C:\ProgramData.LOG1
                        2008-03-27 18:58 . 2008-03-27 18:58 164 --a------ C:\install.dat
                        2008-03-27 17:02 . 2008-03-27 19:52 <DIR> d-------- C:\Program Files\Spyware Doctor
                        2008-03-27 16:35 . 2008-03-28 18:35 <DIR> d-------- C:\Users\All Users\Google Updater
                        2008-03-27 16:35 . 2008-03-28 18:35 <DIR> d-------- C:\ProgramData\Google Updater
                        2008-03-27 14:38 . 2008-03-27 14:38 156,674,811 --a------ C:\Windows\MEMORY.DMP
                        2008-03-26 17:30 . 2008-03-26 17:41 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
                        2008-03-26 17:30 . 2008-03-26 17:41 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
                        2008-03-26 17:30 . 2008-03-26 17:33 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
                        2008-03-26 13:12 . 2008-03-26 13:13 <DIR> d-------- C:\Users\All Users\Lavasoft
                        2008-03-26 13:12 . 2008-03-26 13:13 <DIR> d-------- C:\ProgramData\Lavasoft
                        2008-03-26 13:12 . 2008-03-26 13:12 <DIR> d-------- C:\Program Files\Lavasoft
                        2008-03-26 13:11 . 2008-03-26 13:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
                        2008-03-26 12:51 . 2008-03-26 13:01 <DIR> d-------- C:\Program Files\Hitman Pro
                        2008-03-25 17:41 . 2008-03-25 17:41 <DIR> d-------- C:\Program Files\CCleaner
                        2008-03-24 19:14 . 2008-03-24 19:14 <DIR> d-------- C:\Users\All Users\up hold blue delete
                        2008-03-24 19:14 . 2008-03-24 19:14 <DIR> d-------- C:\Users\All Users\MoveHoldCopy
                        2008-03-24 19:14 . 2008-03-24 19:14 <DIR> d-------- C:\ProgramData\up hold blue delete
                        2008-03-24 19:14 . 2008-03-24 19:14 <DIR> d-------- C:\ProgramData\MoveHoldCopy
                        2008-03-24 18:56 . 2008-03-27 19:17 <DIR> d-------- C:\Users\Joki\Incomplete
                        2008-03-24 18:56 . 2008-03-24 20:55 <DIR> d-------- C:\Users\Joki\AppData\Roaming\LimeWirePlus
                        2008-03-24 17:09 . 2008-03-24 18:48 <DIR> d-------- C:\Program Files\Kyodai Mahjongg 2006
                        2008-03-24 16:17 . 2008-03-24 16:59 <DIR> d-------- C:\Program Files\Kyodai
                        2008-03-23 19:24 . 2008-03-23 19:24 <DIR> d-------- C:\Users\Joki\AppData\Roaming\SpinTop
                        2008-03-23 19:24 . 2008-03-27 19:50 <DIR> d-a------ C:\Users\All Users\TEMP
                        2008-03-23 19:24 . 2008-03-27 19:50 <DIR> d-a------ C:\ProgramData\TEMP
                        2008-03-11 19:28 . 2008-03-11 19:28 <DIR> d-------- C:\Users\Joki\AppData\Roaming\DAEMON Tools
                        2008-03-11 19:09 . 2008-03-11 19:31 716,272 --a------ C:\Windows\System32\drivers\sptd.sys
                        2008-03-05 13:03 . 2008-03-05 13:03 <DIR> d-------- C:\Users\All Users\SupportSoft
                        2008-03-05 13:03 . 2008-03-05 13:03 <DIR> d-------- C:\ProgramData\SupportSoft
                        2008-03-05 13:02 . 2008-03-05 13:03 <DIR> d-------- C:\Program Files\KPN
                        2008-03-05 13:02 . 2008-03-05 13:03 261 --a------ C:\Windows\{B0CDD92B-588D-475B-A77C-DD674ED537D8}_WiseFW.ini
                        2008-03-05 12:33 . 2008-03-05 12:33 <DIR> d-------- C:\Program Files\Common Files\SupportSoft
                        2008-03-04 16:29 . 2008-03-04 16:30 <DIR> d-------- C:\Program Files\Common Files\Adobe
                        2008-03-01 19:27 . 2008-03-01 19:27 54,156 --ah----- C:\Windows\QTFont.qfn
                        2008-03-01 19:27 . 2008-03-01 19:27 1,409 --a------ C:\Windows\QTFont.for
                        2008-03-01 19:26 . 2008-03-01 19:26 <DIR> d-------- C:\Program Files\iTunes
                        2008-03-01 19:26 . 2008-03-01 19:26 <DIR> d-------- C:\Program Files\iPod
                        2008-03-01 19:24 . 2008-03-01 19:24 <DIR> d-------- C:\Program Files\QuickTime

                        .
                        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        2008-03-27 21:07 --------- d-----w C:\Program Files\Java
                        2008-03-27 15:35 --------- d-----w C:\Program Files\Google
                        2008-03-24 15:15 --------- d-----w C:\Program Files\PopCap Games
                        2008-03-11 18:35 --------- d-----w C:\Program Files\ESET
                        2008-03-01 18:26 --------- d-----w C:\ProgramData\Apple Computer
                        2008-02-27 19:00 --------- d-----w C:\Program Files\Mozilla Thunderbird
                        2008-02-13 16:36 194,560 ----a-w C:\Windows\System32\WebClnt.dll
                        2008-02-13 16:36 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
                        2008-02-13 16:35 613,888 ----a-w C:\Windows\System32\wpd_ci.dll
                        2008-02-13 16:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
                        2008-02-13 16:35 260,096 ----a-w C:\Windows\System32\dpx.dll
                        2008-02-13 16:35 224,824 ----a-w C:\Windows\System32\clfs.sys
                        2008-02-13 16:35 221,696 ----a-w C:\Windows\System32\umpnpmgr.dll
                        2008-02-13 16:35 19,456 ----a-w C:\Windows\System32\cfgmgr32.dll
                        2008-02-13 16:35 101,888 ----a-w C:\Windows\System32\drvinst.exe
                        2008-02-13 16:32 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
                        2008-02-13 16:32 24,064 ----a-w C:\Windows\System32\netcfg.exe
                        2008-02-13 16:32 22,016 ----a-w C:\Windows\System32\netiougc.exe
                        2008-02-13 16:32 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
                        2008-02-13 16:32 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
                        2008-02-13 16:30 824,832 ----a-w C:\Windows\System32\wininet.dll
                        2008-02-13 16:30 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
                        2008-02-13 16:30 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
                        2008-02-13 16:29 56,320 ----a-w C:\Windows\System32\iesetup.dll
                        2008-01-30 20:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
                        2008-01-30 20:28 --------- d-----w C:\Program Files\ArcSoft
                        2008-01-11 15:23 9,282 ----a-w C:\Program Files\INSTALL.LOG
                        2008-01-09 17:27 11,776 ----a-w C:\Windows\System32\sbunattend.exe
                        2008-01-03 12:09 28,672 ----a-w C:\Windows\System32\qttask.exe
                        2008-01-03 07:55 298,104 ----a-w C:\Windows\System32\imon.dll
                        2008-01-02 21:03 87,040 ----a-w C:\Windows\System32\msoert2.dll
                        2008-01-02 21:03 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
                        2008-01-02 21:03 205,824 ----a-w C:\Windows\System32\msoeacct.dll
                        2008-01-02 21:02 49,664 ----a-w C:\Windows\System32\csrsrv.dll
                        2008-01-02 21:02 376,320 ----a-w C:\Windows\System32\winsrv.dll
                        2008-01-02 21:01 414,208 ----a-w C:\Windows\System32\msscp.dll
                        2008-01-02 21:01 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
                        2008-01-02 21:00 86,016 ----a-w C:\Windows\System32\icfupgd.dll
                        2008-01-02 21:00 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
                        2008-01-02 21:00 7,680 ----a-w C:\Windows\System32\spwmp.dll
                        2008-01-02 21:00 61,952 ----a-w C:\Windows\System32\cmifw.dll
                        2008-01-02 21:00 4,096 ----a-w C:\Windows\System32\dxmasf.dll
                        2008-01-02 21:00 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
                        2008-01-02 21:00 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
                        2008-01-02 21:00 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
                        2008-01-02 21:00 16,896 ----a-w C:\Windows\System32\wfapigp.dll
                        2008-01-02 21:00 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
                        2008-01-02 20:59 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
                        2008-01-02 20:59 223,232 ----a-w C:\Windows\System32\WMASF.DLL
                        2008-01-02 20:59 1,327,104 ----a-w C:\Windows\System32\quartz.dll
                        2008-01-02 20:58 84,480 ----a-w C:\Windows\System32\INETRES.dll
                        2008-01-02 20:58 737,792 ----a-w C:\Windows\System32\inetcomm.dll
                        2008-01-02 20:58 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
                        2008-01-02 20:55 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
                        2008-01-02 20:55 5,120 ----a-w C:\Windows\System32\wmi.dll
                        2008-01-02 20:55 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
                        2008-01-02 20:55 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
                        2008-01-02 20:55 152,576 ----a-w C:\Windows\System32\imagehlp.dll
                        2008-01-02 20:54 750,080 ----a-w C:\Windows\System32\qmgr.dll
                        2008-01-02 20:54 633,856 ----a-w C:\Windows\System32\user32.dll
                        2008-01-02 20:54 2,026,496 ----a-w C:\Windows\System32\win32k.sys
                        2008-01-02 20:40 53,080 ----a-w C:\Windows\System32\wuauclt.exe
                        2008-01-02 20:40 43,352 ----a-w C:\Windows\System32\wups2.dll
                        2008-01-02 20:40 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
                        2008-01-02 20:40 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
                        2008-01-02 20:39 80,896 ----a-w C:\Windows\System32\wudriver.dll
                        2008-01-02 20:39 549,720 ----a-w C:\Windows\System32\wuapi.dll
                        2008-01-02 20:39 33,624 ----a-w C:\Windows\System32\wups.dll
                        2008-01-02 20:39 31,232 ----a-w C:\Windows\System32\wuapp.exe
                        2008-01-02 20:39 163,000 ----a-w C:\Windows\System32\wuwebv.dll
                        2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
                        2001-05-24 10:59 162,304 ----a-w C:\Program Files\UNWISE.EXE
                        .

                        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        REGEDIT4
                        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 18:27 1232896]
                        "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 17:05 143360]
                        "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-27 16:35 68856]
                        "first readme"="C:\ProgramData\Send active active.oynm3" [2008-03-28 18:52 143376]

                        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-02 13:34 1004136]
                        "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
                        "RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 14:13 4018176 C:\Windows\RtHDVCpl.exe]
                        "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 11:00 815104]
                        "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-11-28 20:14 98304]
                        "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-11-28 20:17 106496]
                        "Persistence"="C:\Windows\system32\igfxpers.exe" [2006-11-28 20:13 81920]
                        "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30 81920]
                        "QuickFinder Scheduler"="C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2006-07-04 23:01 77892]
                        "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-04-10 14:51 220160]
                        "toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" [2007-02-09 15:54 16896]
                        "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-01-03 08:55 949376]
                        "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
                        "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
                        "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
                        "KPN"="C:\Program Files\KPN\bin\sprtcmd.exe" [2007-10-23 11:36 198184]
                        "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
                        "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

                        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
                        Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-03-27 16:35:40 124400]
                        Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 17:15:56 65588]
                        NkvMon.exe.lnk - C:\Program Files\Nikon\NkView6\NkvMon.exe [2008-01-03 13:09:56 233472]

                        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
                        "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

                        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
                        "AntiVirusOverride"=dword:00000001

                        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
                        "TCP Query User{2B60A73C-45F5-4D0A-998E-57ED37958B37}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
                        "UDP Query User{671B219B-EB53-407C-97F3-455ABE2619FE}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
                        "{86B4F626-052B-472F-8BB3-048B63560E61}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
                        "{B895D58E-0005-41BF-BB05-F28B3338DEB5}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
                        "{58A2A86E-671E-442F-B6BE-B02E30B4B926}"= UDP:C:\Program Files\KPN\agent\bin\bcont.exe:bcont.exe
                        "{5B0919BD-9601-4A4E-89FD-18558FB8585D}"= TCP:C:\Program Files\KPN\agent\bin\bcont.exe:bcont.exe
                        "TCP Query User{0F0A2A1A-F257-4A9A-98F0-5799810F4A3E}C:\\program files\\limewire plus\\limewire.exe"= UDP:C:\program files\limewire plus\limewire.exe:LimeWire
                        "UDP Query User{2388B1BA-DB97-4495-A737-953DDD62BA56}C:\\program files\\limewire plus\\limewire.exe"= TCP:C:\program files\limewire plus\limewire.exe:LimeWire

                        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
                        "EnableFirewall"= 0 (0x0)

                        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
                        "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

                        R2 sprtsvc_KPN;SupportSoft Sprocket Service (KPN);"C:\Program Files\KPN\bin\sprtsvc.exe" /service /p KPN
                        R3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrusb.sys [2006-12-22 20:05]
                        R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 21:39]
                        S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 08:36]

                        *Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
                        .
                        **************************************************************************

                        catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                        Rootkit scan 2008-03-28 20:42:02
                        Windows 6.0.6000 NTFS

                        scannen van verborgen processen ...

                        scannen van verborgen autostart items ...

                        scannen van verborgen bestanden ...

                        Scan succesvol afgerond
                        verborgen bestanden: 0

                        **************************************************************************
                        .
                        Voltooingstijd: 2008-03-28 20:42:44
                        ComboFix-quarantined-files.txt 2008-03-28 19:42:40
                        Pre-Run: 91,958,161,408 bytes beschikbaar
                        Post-Run: 91,933,667,328 bytes beschikbaar
                        .
                        2008-03-28 12:51:09 --- E O F ---


                        En dan hier nog een keer de hijackThis:

                        Logfile of Trend Micro HijackThis v2.0.2
                        Scan saved at 20:46:06, on 28-3-2008
                        Platform: Windows Vista (WinNT 6.00.1904)
                        MSIE: Internet Explorer v7.00 (7.00.6000.16609)
                        Boot mode: Normal

                        Running processes:
                        C:\Windows\system32\Dwm.exe
                        C:\Windows\system32\taskeng.exe
                        C:\Program Files\Windows Defender\MSASCui.exe
                        C:\Windows\RtHDVCpl.exe
                        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                        C:\Windows\System32\igfxtray.exe
                        C:\Windows\System32\hkcmd.exe
                        C:\Windows\System32\igfxpers.exe
                        C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
                        C:\Program Files\iTunes\iTunesHelper.exe
                        C:\Program Files\KPN\bin\sprtcmd.exe
                        C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
                        C:\Program Files\Windows Sidebar\sidebar.exe
                        C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
                        C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                        C:\Program Files\Nikon\NkView6\NkvMon.exe
                        C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
                        C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
                        C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
                        C:\Program Files\Windows Sidebar\sidebar.exe
                        C:\Windows\system32\wbem\unsecapp.exe
                        C:\Windows\system32\conime.exe
                        C:\Windows\Explorer.exe
                        C:\Windows\system32\notepad.exe
                        C:\Windows\system32\SearchFilterHost.exe
                        C:\Program Files\Internet Explorer\ieuser.exe
                        C:\Program Files\Internet Explorer\iexplore.exe
                        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                        O1 - Hosts: ::1 localhost
                        O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
                        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                        O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
                        O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
                        O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                        O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
                        O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
                        O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
                        O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
                        O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
                        O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
                        O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
                        O4 - HKLM\..\Run: [toolbar_eula_launcher] "C:\Program Files\GoogleEULA\EULALauncher.exe"
                        O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
                        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                        O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
                        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                        O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN
                        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
                        O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
                        O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
                        O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
                        O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                        O4 - HKCU\..\Run: [first readme] "C:\ProgramData\Send active active.oynm3"
                        O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                        O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                        O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                        O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
                        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                        O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
                        O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
                        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                        O13 - Gopher Prefix:
                        O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx
                        O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
                        O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
                        O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
                        O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                        O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                        O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                        O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
                        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                        O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
                        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                        O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
                        O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
                        O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
                        O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe
                        O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing)

                        --
                        End of file - 7722 bytes

                        Krijg zo bezoek, weet niet of ik dan vanavond nog kan reageren. Groet, Floor

                        Comment


                        • #13
                          Ik wil toch nog informatie van een ander programma.

                          Download dit bestand:
                          Deljob.exe(mirror)

                          Plaats het op je bureaublad.

                          Dubbelklik Deljob.exe.
                          Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
                          Post de inhoud van logit.txt in je volgende bericht.

                          Comment


                          • #14
                            Komtie dan :

                            --------------------------------------------------------
                            No LOP job-files found
                            --------------------------------------------------------
                            Files in Windows Tasks folder

                            --------------------------------------------------------
                            Export App Data folders
                            --------------------------------------------------------
                            De volumenaam van station C is BOOT
                            Het volumenummer is 3A76-ECD8

                            Map van C:\ProgramData

                            04-03-2008 16:30 <DIR> Adobe
                            11-01-2008 20:25 <DIR> Apple
                            01-03-2008 19:26 <DIR> APPLEC~1 Apple Computer
                            10-04-2007 08:07 <DIR> Borland
                            03-01-2008 12:05 <DIR> Corel
                            10-04-2007 14:51 <DIR> Google
                            28-03-2008 18:35 <DIR> GOOGLE~1 Google Updater
                            28-03-2008 14:55 <DIR> Grisoft
                            10-04-2007 08:06 <DIR> INSTAL~1 InstallShield
                            26-03-2008 13:13 <DIR> Lavasoft
                            24-03-2008 19:14 <DIR> MOVEHO~1 MoveHoldCopy
                            05-04-2007 08:34 <DIR> Nero
                            03-01-2008 13:09 <DIR> QUICKT~1 QuickTime
                            24-03-2008 19:14 94.224 SENDAC~1.4L2 Send active active.4l2ie
                            28-03-2008 18:52 143.376 SENDAC~1.OYN Send active active.oynm3
                            26-03-2008 17:41 <DIR> SPYBOT~1 Spybot - Search & Destroy
                            05-03-2008 13:03 <DIR> SUPPOR~1 SupportSoft
                            27-03-2008 19:50 <DIR> TEMP
                            24-03-2008 19:14 <DIR> UPHOLD~1 up hold blue delete
                            2 bestand(en) 237.600 bytes
                            17 map(pen) 91.981.869.056 bytes beschikbaar
                            --------------------------------------------------------
                            All User Accounts
                            --------------------------------------------------------

                            --------------------------------------------------------

                            Comment


                            • #15
                              Download OTMoveIt2.exe en plaats het op je bureaublad:
                              • Start OTMoveIt2 door dubbel te klikken op OTMoveIt2.exe
                              • Kopi?er (selecteren en druk Ctrl-C) de onderstaande, vetgedrukte tekst:

                                C:\ProgramData\Send active active.oynm3
                                C:\ProgramData\Send active active.4l2ie
                                C:\ProgramData\up hold blue delete
                                C:\ProgramData\MoveHoldCopy
                              • Plak de gekopi?erde tekst (druk Ctrl-V) in het "Paste List of Files/Folders to be moved" venster.
                              • Klik daarna op de rode knop MoveIt onderaan.
                              • Wanneer voltooid zal het een log aanmaken (********_******.log -- de * staat voor datum en tijd) in de volgende map: C:\_OTMoveIt\MovedFiles.
                              • Post de inhoud daarvan in je volgende bericht.


                              Post dan ook nog een nieuw log van deljob.exe

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X