Mededeling

Collapse
No announcement yet.

aub help blijf steets maar last hebben van adserver

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • aub help blijf steets maar last hebben van adserver

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:25:17, on 20-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\svchost.exe
    F:\iWin Games\iWinGamesInstaller.exe
    C:\WINDOWS\system32\HPZipm12.exe
    D:\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\smrs.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Office12\OUTLOOK.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\smrs.exe
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {4E1C70A1-3016-4CDC-8DB8-953ADF40B612} - C:\WINDOWS\system32\at.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Assistant MySidesearch - {6156A32A-C512-4e23-AA9A-2315F4265681} - C:\WINDOWS\system32\myss_sb.dll
    O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
    O2 - BHO: cpmsky browser optimizer - {709556e6-9207-b9f3-034a-5d6a8ad9b7a1} - C:\WINDOWS\system32\{c7c73b18-a4c4-0c9b-409f-0b386e4f8ba5}.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - C:\WINDOWS\system32\nsv10.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{c7c73b18-a4c4-0c9b-409f-0b386e4f8ba5}.dll" DllInit
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe
    O4 - HKCU\..\Run: [dog blah] C:\DOCUME~1\ikke\APPLIC~1\VIEWMA~1\bat comp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - Startup: iWin Desktop Alerts.lnk = C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {AEF9B8DB-0DEF-4c0b-8209-661C9E82B8C3} - C:\Program Files\WinSysClean 2008 Trial\UDManager\UDManager.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Cate%20West%20-%20The%20Vanishing%20Files/Images/armhelper.ocx
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
    O23 - Service: iWinGamesInstaller - iWin Inc. - F:\iWin Games\iWinGamesInstaller.exe
    O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

    --
    End of file - 8426 bytes

  • #2
    Probeer dit programma eens: LOP-uninstall.exe
    Voer bij “Uninstall verification“ de zevencijferige code in en klik “Uninstall“
    Klik bij “Legal notice” OK
    Sluit alle vensters en klik OK
    Wacht .......en klik bij “Uninstall complete for all users“ OK.

    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Start de computer in veilige modus.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.

    Download Deckard's System Scanner naar je Bureaublad.
    • Sluit alle toepassingen en vensters.
    • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
    • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
    • Kopieer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord evenals extra.txt.

    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

    Comment


    • #3
      hallo dank u dat u mij wil helpen
      alvast bedankt
      maar ik kan t progamma rvaxo.exe. niet binnen krijgen
      ook t progamma deckard,system scanner niet
      wat doe ik verkeerd
      gr,willie
      Last edited by willie55; 20-04-08, 19:09.

      Comment


      • #4
        Probeer rvaxo eens via deze link te downloaden.

        Comment


        • #5
          RVAXO.exe Updated: 2008-04-20---first run---
          Uninstallers:

          Files found:
          C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
          C:\WINDOWS\wininit.ini
          C:\WINDOWS\smrs.exe
          C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
          C:\WINDOWS\system32\myss_sb_uninstall.exe
          C:\WINDOWS\system32\cpmsky-uninst.exe
          C:\WINDOWS\system32\at.dll
          C:\WINDOWS\system32\adzgalore-remove.exe
          C:\WINDOWS\system32\rightonadz-uninst.exe

          Folders Found:
          C:\Program Files\Adzgalore Games Collection

          Hosts-file was reset, If you use a custom hosts file please replace it...

          --------------RVAXO.exe last run---------------
          Not deleted items:

          --------------RVAXO.exe finished----------------

          Comment


          • #6
            ook deze is mij gelukt

            Deckard's System Scanner v20071014.68
            Run by ikke on 2008-04-20 22:01:33
            Computer is in Normal Mode.
            --------------------------------------------------------------------------------

            -- System Restore --------------------------------------------------------------

            Successfully created a Deckard's System Scanner Restore Point.


            -- Last 4 Restore Point(s) --
            4: 2008-04-20 20:01:43 UTC - RP4 - Deckard's System Scanner Restore Point
            3: 2008-04-20 12:32:25 UTC - RP3 - Windows Defender Checkpoint
            2: 2008-04-20 10:06:02 UTC - RP2 - Configured Microsoft Office Professional Plus 2007
            1: 2008-04-20 08:22:31 UTC - RP1 - Controlepunt van systeem


            Backed up registry hives.
            Performed disk cleanup.

            Total Physical Memory: 256 MiB (512 MiB recommended).


            -- HijackThis (run as ikke.exe) ------------------------------------------------

            Logfile of Trend Micro HijackThis v2.0.2
            Scan saved at 22:03:46, on 20-4-2008
            Platform: Windows XP SP2 (WinNT 5.01.2600)
            MSIE: Internet Explorer v7.00 (7.00.6000.16640)
            Boot mode: Normal

            Running processes:
            C:\WINDOWS\System32\smss.exe
            C:\WINDOWS\system32\winlogon.exe
            C:\WINDOWS\system32\services.exe
            C:\WINDOWS\system32\lsass.exe
            C:\WINDOWS\system32\svchost.exe
            C:\Program Files\Windows Defender\MsMpEng.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\system32\spoolsv.exe
            C:\WINDOWS\Explorer.EXE
            C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
            C:\Program Files\Alwil Software\Avast4\ashServ.exe
            C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
            C:\WINDOWS\System32\svchost.exe
            F:\iWin Games\iWinGamesInstaller.exe
            C:\WINDOWS\system32\HPZipm12.exe
            D:\Alcohol 120\StarWind\StarWindServiceAE.exe
            C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
            C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
            C:\WINDOWS\system32\WgaTray.exe
            C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
            C:\Program Files\Windows Media Player\WMPNSCFG.exe
            C:\Program Files\Windows Live\Messenger\msnmsgr.exe
            C:\WINDOWS\system32\ctfmon.exe
            C:\Program Files\Windows Live\Messenger\usnsvc.exe
            C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
            C:\Documents and Settings\ikke\Local Settings\Temporary Internet Files\Content.IE5\PNPAOD87\dss[1].exe
            C:\PROGRA~1\TRENDM~1\HIJACK~1\ikke.exe

            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
            R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
            R3 - URLSearchHook: (no name) - - (no file)
            O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
            O2 - BHO: (no name) - {4E1C70A1-3016-4CDC-8DB8-953ADF40B612} - C:\WINDOWS\system32\at.dll (file missing)
            O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\Spybot - Search & Destroy\SDHelper.dll
            O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
            O2 - BHO: cpmsky browser optimizer - {709556e6-9207-b9f3-034a-5d6a8ad9b7a1} - C:\WINDOWS\system32\{c7c73b18-a4c4-0c9b-409f-0b386e4f8ba5}.dll (file missing)
            O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
            O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
            O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
            O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
            O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
            O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
            O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
            O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
            O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
            O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe
            O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
            O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
            O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
            O4 - Startup: iWin Desktop Alerts.lnk = C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
            O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
            O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
            O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
            O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
            O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
            O9 - Extra button: (no name) - {AEF9B8DB-0DEF-4c0b-8209-661C9E82B8C3} - C:\Program Files\WinSysClean 2008 Trial\UDManager\UDManager.exe (file missing)
            O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
            O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Spybot - Search & Destroy\SDHelper.dll
            O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Spybot - Search & Destroy\SDHelper.dll
            O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
            O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
            O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
            O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
            O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
            O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx
            O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
            O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Cate%20West%20-%20The%20Vanishing%20Files/Images/armhelper.ocx
            O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
            O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
            O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
            O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
            O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
            O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
            O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
            O23 - Service: iWinGamesInstaller - iWin Inc. - F:\iWin Games\iWinGamesInstaller.exe
            O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
            O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
            O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Alcohol 120\StarWind\StarWindServiceAE.exe
            O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

            --
            End of file - 7551 bytes

            -- File Associations -----------------------------------------------------------

            All associations okay.


            -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

            R0 BootScreen - c:\windows\\systemroot\system32\drivers\vidstub.sys (file missing)
            R1 SiSkp - c:\windows\system32\drivers\srvkp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) WindowsXP Display Manager>
            R2 irda (IrDA Protocol) - c:\windows\system32\drivers\irda.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
            R3 cmuda (C-Media WDM Audio Interface) - c:\windows\system32\drivers\cmuda.sys <Not Verified; C-Media Inc; C-Media Audio Driver (WDM)>
            R3 Rasirda (WAN-minipoort (IrDA)) - c:\windows\system32\drivers\rasirda.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
            R3 SISNIC (Stuurprogramma voor SiS PCI snelle ethernet-adapter) - c:\windows\system32\drivers\sisnic.sys <Not Verified; SiS Corporation; NDIS 5.1 NIC Driver>

            S3 irsir (Microsoft-stuurprogramma voor serieel infraroodapparaat) - c:\windows\system32\drivers\irsir.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
            S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
            S3 SE30bus (Sony Ericsson Device 048 Driver driver (WDM)) - c:\windows\system32\drivers\se30bus.sys <Not Verified; MCCI; Sony Ericsson Device 048 Driver>
            S3 SE30mdfl (Sony Ericsson Device 048 USB WMC Modem Filter) - c:\windows\system32\drivers\se30mdfl.sys <Not Verified; MCCI; Sony Ericsson Device 048 USB WMC Modem Filter Driver>
            S3 SE30mdm (Sony Ericsson Device 048 USB WMC Modem Driver) - c:\windows\system32\drivers\se30mdm.sys <Not Verified; MCCI; Sony Ericsson Device 048 USB WMC Data Modem>
            S3 SE30mgmt (Sony Ericsson Device 048 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se30mgmt.sys <Not Verified; MCCI; Sony Ericsson Device 048 USB WMC Device Management>
            S3 se30nd5 (Sony Ericsson Device 048 USB Ethernet Emulation SEMC48 (NDIS)) - c:\windows\system32\drivers\se30nd5.sys <Not Verified; MCCI; Sony Ericsson Device 048 USB Ethernet Emulation>
            S3 SE30obex (Sony Ericsson Device 048 USB WMC OBEX Interface) - c:\windows\system32\drivers\se30obex.sys <Not Verified; MCCI; Sony Ericsson Device 048 USB WMC OBEX Interface>
            S3 se30unic (Sony Ericsson Device 048 USB Ethernet Emulation SEMC48 (WDM)) - c:\windows\system32\drivers\se30unic.sys <Not Verified; MCCI; Sony Ericsson Device 048 USB Ethernet Emulation>
            S3 SiS315 - c:\windows\system32\drivers\sisgrp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) Compatible Super VGA Miniport Driver for Windows XP>


            -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

            R2 StarWindServiceAE (StarWind AE Service) - d:\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
            R2 UxTuneUp (TuneUp Thema-uitbreiding) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

            S3 HP Port Resolver - c:\windows\system32\spool\drivers\w32x86\3\hpbpro.exe <Not Verified; Hewlett-Packard Company; PortResolver Module>
            S3 HP Status Server - c:\windows\system32\spool\drivers\w32x86\3\hpboid.exe <Not Verified; Hewlett-Packard Company; HP Status Server>
            S3 Irmon (Infraroodmonitor) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
            S3 NBService - d:\nero 7\nero backitup\nbservice.exe


            -- Device Manager: Disabled ----------------------------------------------------

            No disabled devices found.


            -- Scheduled Tasks -------------------------------------------------------------

            2008-04-20 21:57:11 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
            2008-04-20 21:00:00 430 --a------ C:\WINDOWS\Tasks\Easy Onderhoud.job


            -- Files created between 2008-03-20 and 2008-04-20 -----------------------------

            2008-04-20 21:54:12 0 d-------- C:\RVAXO
            2008-04-20 21:52:12 797916 --a------ C:\WINDOWS\system32\RVAXO.bat
            2008-04-20 21:52:12 69632 --a------ C:\WINDOWS\system32\remove.exe
            2008-04-20 21:48:55 0 d--hs---- C:\Documents and Settings\ikke\Onlangs geopend
            2008-04-20 01:28:15 0 d-------- C:\Program Files\Hidden Mysteries - Civil War
            2008-04-19 14:10:28 0 d-------- C:\Program Files\Trend Micro
            2008-04-19 09:48:49 396288 --a------ C:\HijackThis.exe <Not Verified; Trend Micro Inc.; HijackThis>
            2008-04-19 09:42:03 0 d-------- C:\Program Files\GV_Killer
            2008-04-17 11:58:34 0 d-------- C:\Program Files\bfgclient
            2008-04-17 11:55:22 0 d------c- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
            2008-04-15 23:26:39 0 d-------- C:\Documents and Settings\ikke\Application Data\iWinArcade
            2008-04-15 13:58:46 0 d-------- C:\Documents and Settings\ikke\Application Data\Runes of Avalon 2
            2008-04-14 12:28:36 0 d-------- C:\Documents and Settings\ikke\Application Data\StoneLoopsBF
            2008-04-13 20:10:28 0 d-------- C:\Program Files\BitDownload
            2008-04-13 18:40:30 0 d-------- C:\Documents and Settings\ikke\Application Data\LimeWire
            2008-04-13 12:36:07 0 d-------- C:\My Games
            2008-04-13 12:35:34 0 d------c- C:\Documents and Settings\All Users\Application Data\AlawarGameBox
            2008-04-13 12:31:20 0 d------c- C:\Documents and Settings\All Users\Application Data\3 Blokes Studios
            2008-04-13 07:55:19 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
            2008-04-13 07:42:21 0 d------c- C:\Documents and Settings\All Users\Application Data\Google Updater
            2008-04-12 19:11:26 0 d------c- C:\Documents and Settings\All Users\Application Data\Lavasoft
            2008-04-12 00:01:28 0 d------c- C:\Documents and Settings\All Users\Application Data\Awem
            2008-04-11 22:55:33 0 d------c- C:\Documents and Settings\All Users\Application Data\Intenium
            2008-04-11 19:43:40 0 d-------- C:\Documents and Settings\ikke\Application Data\PCToolsFirewallPlus
            2008-04-11 13:14:32 233472 --a------ C:\WINDOWS\system32\nsv10.dll
            2008-04-07 18:04:23 0 d-------- C:\WINDOWS\system32\LogFiles
            2008-04-06 19:26:28 0 d------c- C:\Documents and Settings\All Users\Application Data\Grisoft
            2008-04-06 10:03:57 0 d-------- C:\UDManager Downloads
            2008-04-03 00:01:32 0 d-------- C:\Documents and Settings\ikke\Application Data\Jane s Hotel Family Hero
            2008-03-30 16:17:22 0 d-------- C:\WINDOWS\Dream Day - First Home
            2008-03-29 01:41:38 0 d-------- C:\Documents and Settings\ikke\Application Data\Meridian93
            2008-03-28 01:38:38 0 d-------- C:\Documents and Settings\ikke\Application Data\Ludia
            2008-03-28 01:38:38 0 d------c- C:\Documents and Settings\All Users\Application Data\Ludia
            2008-03-26 00:56:13 0 d------c- C:\Documents and Settings\All Users\Application Data\Fashion Solitaire 1.2
            2008-03-23 01:29:24 0 d------c- C:\Documents and Settings\All Users\Application Data\NeptunesAdve
            2008-03-22 16:32:02 0 d-------- C:\Program Files\uTorrent
            2008-03-22 16:31:59 0 d-------- C:\Documents and Settings\ikke\Application Data\uTorrent
            2008-03-22 10:07:40 716272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
            2008-03-21 00:39:30 0 d-------- C:\Documents and Settings\ikke\Application Data\Friday's games


            -- Find3M Report ---------------------------------------------------------------

            2008-04-20 14:24:45 75528 --a----c- C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
            2008-04-19 00:17:35 0 d-------- C:\Program Files\iWin.com
            2008-04-18 23:55:01 0 d-------- C:\Documents and Settings\ikke\Application Data\iWin
            2008-04-14 22:09:12 0 d-------- C:\Documents and Settings\ikke\Application Data\PlayFirst
            2008-04-13 23:03:00 0 d-------- C:\Program Files\Alawar
            2008-04-13 20:20:13 0 d-------- C:\Program Files\Movie Maker
            2008-04-13 16:56:46 0 d-------- C:\Documents and Settings\ikke\Application Data\Gaijin Ent
            2008-04-13 08:48:42 0 d-------- C:\Program Files\Google
            2008-04-13 07:55:19 0 d-------- C:\Program Files\Common Files
            2008-04-12 06:09:42 489686 --a----c- C:\WINDOWS\system32\perfh013.dat
            2008-04-12 06:09:42 91696 --a----c- C:\WINDOWS\system32\perfc013.dat
            2008-04-12 01:06:28 0 d-------- C:\Program Files\Zylom Games
            2008-04-12 00:01:20 0 d-------- C:\Documents and Settings\ikke\Application Data\Identities
            2008-04-12 00:01:19 0 d-------- C:\Documents and Settings\ikke\Application Data\Zylom
            2008-04-09 19:04:47 0 d-------- C:\Documents and Settings\ikke\Application Data\Desktop Sidebar
            2008-04-08 19:10:37 0 d-------- C:\Documents and Settings\ikke\Application Data\Uniblue
            2008-04-07 18:37:00 0 d-------- C:\Program Files\Desktop Sidebar
            2008-04-04 02:08:20 0 d-------- C:\Program Files\Gamenext
            2008-03-30 02:24:52 0 d-------- C:\Program Files\GamesBar
            2008-03-23 10:13:15 0 d-------- C:\Documents and Settings\ikke\Application Data\Azureus
            2008-03-22 01:52:44 0 d-------- C:\Documents and Settings\ikke\Application Data\funkitron
            2008-03-19 18:01:43 0 d-------- C:\Program Files\Windows Live
            2008-03-19 18:00:13 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
            2008-03-16 13:28:24 0 d-------- C:\Documents and Settings\ikke\Application Data\Jane s Hotel
            2008-03-16 13:28:23 0 d-------- C:\Documents and Settings\ikke\Application Data\Incredible Ink
            2008-03-16 13:28:15 0 d-------- C:\Documents and Settings\ikke\Application Data\Help
            2008-03-16 13:28:03 0 d-------- C:\Documents and Settings\ikke\Application Data\GameHouse
            2008-03-16 13:28:02 0 d-------- C:\Documents and Settings\ikke\Application Data\ForgottenRiddles
            2008-03-16 13:28:00 0 d-------- C:\Documents and Settings\ikke\Application Data\EvidenceEraser
            2008-03-16 13:27:59 0 d-------- C:\Documents and Settings\ikke\Application Data\DVD Shrink
            2008-03-16 13:27:58 0 d-------- C:\Documents and Settings\ikke\Application Data\DiVision Studios - Escaping Atlantis
            2008-03-16 13:27:57 0 d-------- C:\Documents and Settings\ikke\Application Data\Chicken Chase
            2008-03-16 13:27:53 0 d-------- C:\Documents and Settings\ikke\Application Data\CaribbeanHideaway
            2008-03-16 13:27:53 0 d-------- C:\Documents and Settings\ikke\Application Data\BloodTies
            2008-03-16 13:27:51 0 d-------- C:\Documents and Settings\ikke\Application Data\Aveyond II
            2008-03-16 13:27:51 0 d-------- C:\Documents and Settings\ikke\Application Data\Arctic
            2008-03-16 13:27:50 0 d-------- C:\Documents and Settings\ikke\Application Data\Ahead
            2008-03-16 13:27:48 0 d-------- C:\Documents and Settings\ikke\Application Data\AdobeUM
            2008-03-16 13:27:43 0 d-------- C:\Documents and Settings\ikke\Application Data\Abra Academy2
            2008-03-10 16:14:35 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
            2008-03-09 18:41:43 0 d-------- C:\Program Files\Windows Live Safety Center
            2008-03-09 11:52:28 0 d-------- C:\Program Files\Common Files\Webroot Shared
            2008-03-09 02:03:36 0 d-------- C:\Documents and Settings\ikke\Application Data\cerasus.media
            2008-03-08 02:00:30 0 d-------- C:\Documents and Settings\ikke\Application Data\SprillBermudeEng
            2008-03-04 15:43:40 0 d-------- C:\Documents and Settings\ikke\Application Data\Spandex Force
            2008-03-02 11:57:43 0 d-------- C:\Documents and Settings\ikke\Application Data\PrevxCSI
            2008-03-02 10:58:35 0 d-------- C:\Program Files\Registry Helper
            2008-02-28 01:33:29 0 d-------- C:\Program Files\Oberon Media
            2008-02-27 01:23:56 0 --a----c- C:\Program Files\temp01
            2008-02-26 01:52:22 0 d-------- C:\Program Files\PlayFirst
            2008-02-23 23:48:46 0 d-------- C:\Program Files\ToniArts
            2008-02-23 01:37:30 0 d-------- C:\Documents and Settings\ikke\Application Data\Cat's Eye Games
            2008-02-21 22:06:23 0 d--h----- C:\Program Files\WindowsUpdate
            2008-02-18 22:10:24 10084 --a----c- C:\WINDOWS\msvrc20.dll


            -- Registry Dump ---------------------------------------------------------------

            *Note* empty entries & legit default entries are not shown


            [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E1C70A1-3016-4CDC-8DB8-953ADF40B612}]
            C:\WINDOWS\system32\at.dll

            [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
            19-06-2007 17:09 380928 --a--c--- C:\Program Files\GamesBar\oberontb.dll

            [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{709556e6-9207-b9f3-034a-5d6a8ad9b7a1}]
            C:\WINDOWS\system32\{c7c73b18-a4c4-0c9b-409f-0b386e4f8ba5}.dll

            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [29-03-2008 19:37]

            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02-11-2006 22:53]
            "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18-10-2007 12:34]
            "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13-10-2004 18:24]
            "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 10:03]

            C:\Documents and Settings\ikke\Menu Start\Programma's\Opstarten\
            iWin Desktop Alerts.lnk - C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe [15-4-2008 23:26:25]

            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
            "LinkResolveIgnoreLinkInfo"=0 (0x0)
            "NoResolveSearch"=1 (0x1)

            [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
            "LinkResolveIgnoreLinkInfo"=0 (0x0)
            "ClearRecentDocsOnExit"=1 (0x1)

            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
            @="Service"

            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
            @="Volume shadow copy"

            HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
            UxTuneUp




            -- End of Deckard's System Scanner: finished at 2008-04-20 22:04:17 ------------

            Comment


            • #7
              hier is nog een extra.txt

              Deckard's System Scanner v20071014.68
              Extra logfile - please post this as an attachment with your post.
              --------------------------------------------------------------------------------

              -- System Information ----------------------------------------------------------

              Microsoft Windows XP Professional (build 2600) SP 2.0
              Architecture: X86; Language: Dutch

              CPU 0: AMD Athlon(tm) XP 2500+
              Percentage of Memory in Use: 70%
              Physical Memory (total/avail): 255.48 MiB / 75.62 MiB
              Pagefile Memory (total/avail): 617.7 MiB / 344.31 MiB
              Virtual Memory (total/avail): 2047.88 MiB / 1932.54 MiB

              C: is Fixed (NTFS) - 19.53 GiB total, 8.73 GiB free.
              D: is Fixed (NTFS) - 9.77 GiB total, 8.1 GiB free.
              E: is Fixed (NTFS) - 9.77 GiB total, 5.03 GiB free.
              F: is Fixed (NTFS) - 9.77 GiB total, 9.48 GiB free.
              G: is Fixed (NTFS) - 4.88 GiB total, 4.73 GiB free.
              H: is Fixed (NTFS) - 12.84 GiB total, 12.76 GiB free.
              I: is Fixed (NTFS) - 9.77 GiB total, 9.59 GiB free.
              J: is CDROM (No Media)
              K: is CDROM (No Media)
              P: is Removable (No Media)

              \\.\PHYSICALDRIVE0 - Maxtor 6Y080P0 - 76.33 GiB - 7 partitions
              \PARTITION0 (bootable) - Installable File System - 9.77 GiB - E:
              \PARTITION1 - Extended w/Extended Int 13 - 66.55 GiB - C: - D: - F: - G: - H: - I:

              \\.\PHYSICALDRIVE1 - HP Photosmart C5180 USB Device



              -- Security Center -------------------------------------------------------------

              AUOptions is scheduled to auto-install.
              Windows Internal Firewall is enabled.

              AV: avast! antivirus 4.8.1169 [VPS 080420-0] v4.8.1169 (ALWIL Software)

              [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
              "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"

              [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
              "C:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe:*:Enabled:avast! Antivirus"
              "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
              "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
              "D:\\Office12\\OUTLOOK.EXE"="D:\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
              "C:\\WINDOWS\\smrs.exe"="C:\\WINDOWS\\smrs.exe"
              "F:\\BitDownload\\BitDownload.exe"="F:\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"
              "C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"
              "F:\\iWin Games\\iWinGames.exe"="F:\\iWin Games\\iWinGames.exe:*:Enabled:iWin Games application."
              "F:\\iWin Games\\WebUpdater.exe"="F:\\iWin Games\\WebUpdater.exe:*:Enabled:iWin Games updater."
              "C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Enabledxpsp2res.dll,-22019"


              -- Environment Variables -------------------------------------------------------

              ALLUSERSPROFILE=C:\Documents and Settings\All Users
              APPDATA=C:\Documents and Settings\ikke\Application Data
              AV_APPDATA=C:\DOCUME~1\ikke\APPLIC~1
              CLIENTNAME=Console
              CommonProgramFiles=C:\Program Files\Common Files
              COMPUTERNAME=CP190985-D
              ComSpec=C:\WINDOWS\system32\cmd.exe
              FP_NO_HOST_CHECK=NO
              HOMEDRIVE=C:
              HOMEPATH=\Documents and Settings\ikke
              LOGONSERVER=\\CP190985-D
              NUMBER_OF_PROCESSORS=1
              OS=Windows_NT
              Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
              PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
              PROCESSOR_ARCHITECTURE=x86
              PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
              PROCESSOR_LEVEL=6
              PROCESSOR_REVISION=0a00
              ProgramFiles=C:\Program Files
              PROMPT=$P$G
              SESSIONNAME=Console
              SystemDrive=C:
              SystemRoot=C:\WINDOWS
              TEMP=C:\DOCUME~1\ikke\LOCALS~1\Temp
              TMP=C:\DOCUME~1\ikke\LOCALS~1\Temp
              USERDOMAIN=CP190985-D
              USERNAME=ikke
              USERPROFILE=C:\Documents and Settings\ikke
              windir=C:\WINDOWS


              -- User Profiles ---------------------------------------------------------------

              ikke (admin)


              -- Add/Remove Programs ---------------------------------------------------------

              --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
              --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
              --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
              --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
              --> C:\WINDOWS\UNRecode.exe /UNINSTALL
              --> D:\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
              --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL
              --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
              --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
              2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
              A-B-O-O (remove only) --> "C:\Program Files\iWin.com\A-B-O-O\Uninstall.exe"
              Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
              Adobe Reader 8.1.2 - Nederlands --> MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A81200000003}
              Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
              Alawar Game Box --> C:\Program Files\Alawar\AlawarGameBox\Uninstall.exe
              ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\setup.exe" -l0x13 -uninst
              µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
              avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
              Beveiligingsupdate voor Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
              Beveiligingsupdate voor Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
              Beveiligingsupdate voor Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
              Beveiligingsupdate voor Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
              Big Fish Games Client --> C:\Program Files\bfgclient\Uninstall.exe
              Burger Shop (remove only) --> "C:\Program Files\iWin.com\Burger Shop\Uninstall.exe"
              C-Media 3D Audio --> C:\WINDOWS\CMIUnInstall.exe
              Compatibiliteitspakket voor het 2007 Microsoft Office system --> MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE}
              Dream Day - First Home --> "C:\WINDOWS\Dream Day - First Home\uninstall.exe" "/U:F:\\Uninstall\uninstall.xml"
              DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
              EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
              Farm Frenzy (remove only) --> "C:\Program Files\iWin.com\Farm Frenzy\Uninstall.exe"
              GamesBar 1.1.0.5 --> C:\Program Files\GamesBar\uninst.exe
              Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
              Hidden Mysteries - Civil War --> "C:\Program Files\Hidden Mysteries - Civil War\Uninstall.exe"
              HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
              HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
              HP Document Viewer 7.0 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
              HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
              HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
              HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
              HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
              HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
              iWin Games (remove only) --> "F:\iWin Games\Uninstall.exe"
              Microsoft Office Access MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
              Microsoft Office Excel MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
              Microsoft Office InfoPath MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
              Microsoft Office Outlook MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
              Microsoft Office PowerPoint MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
              Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF0413-6000-11D3-8CFE-0150048383C9}
              Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS
              Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
              Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
              Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
              Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
              Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
              Microsoft Office Proofing (Dutch) 2007 --> MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
              Microsoft Office Publisher MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
              Microsoft Office Shared MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
              Microsoft Office Word MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
              Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
              MySidesearch Search Assistant Adzgalore --> C:\WINDOWS\system32\myss_sb_uninstall.exe
              Nero 7 Ultra Edition --> MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31043}
              OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
              RealArcade --> C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
              Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
              Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
              Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
              Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
              Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
              Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
              Sproink (remove only) --> "C:\Program Files\iWin.com\Sproink\Uninstall.exe"
              Spybot - Search & Destroy --> "I:\Spybot - Search & Destroy\unins000.exe"
              TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
              Update for Office 2007 (KB946691) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
              Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}
              Windows Live aanmeldhulp --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
              Windows Live installer --> MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
              Windows Live Messenger --> MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
              Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
              Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
              WinRAR --> C:\Program Files\WinRAR\uninstall.exe


              -- Application Event Log -------------------------------------------------------

              Event Record #/Type5982 / Success
              Event Submitted/Written: 04/20/2008 09:57:22 PM
              Event ID/Source: 12001 / usnjsvc
              Event Description:
              The Messenger Sharing USN Journal Reader service started successfully.

              Event Record #/Type5978 / Warning
              Event Submitted/Written: 04/20/2008 09:49:02 PM
              Event ID/Source: 1524 / Userenv
              Event Description:
              Windows kan het klassenregisterbestand niet uit het geheugen verwijderen omdat het momenteel door een andere toepassing of service wordt gebruikt. Het bestand wordt uit het geheugen verwijderd als het niet meer wordt gebruikt.

              Event Record #/Type5976 / Error
              Event Submitted/Written: 04/20/2008 02:39:40 PM
              Event ID/Source: 2000 / Microsoft Office 12
              Event Description:
              Accepted Safe Mode action : Microsoft Office Outlook.

              Event Record #/Type5966 / Success
              Event Submitted/Written: 04/20/2008 02:38:41 PM
              Event ID/Source: 12001 / usnjsvc
              Event Description:
              The Messenger Sharing USN Journal Reader service started successfully.

              Event Record #/Type5962 / Warning
              Event Submitted/Written: 04/20/2008 02:33:51 PM
              Event ID/Source: 1524 / Userenv
              Event Description:
              Windows kan het klassenregisterbestand niet uit het geheugen verwijderen omdat het momenteel door een andere toepassing of service wordt gebruikt. Het bestand wordt uit het geheugen verwijderd als het niet meer wordt gebruikt.



              -- Security Event Log ----------------------------------------------------------

              No Errors/Warnings found.


              -- System Event Log ------------------------------------------------------------

              Event Record #/Type17225 / Error
              Event Submitted/Written: 04/20/2008 09:57:02 PM
              Event ID/Source: 7001 / Service Control Manager
              Event Description:
              De Windows Media Player Network Sharing-service-service is afhankelijk van de Universele Plug en Play-apparaathost-service, die vanwege de volgende fout niet kan worden gestart:
              %%1068

              Event Record #/Type17224 / Error
              Event Submitted/Written: 04/20/2008 09:57:02 PM
              Event ID/Source: 7001 / Service Control Manager
              Event Description:
              De Universele Plug en Play-apparaathost-service is afhankelijk van de SSDP Discovery-service-service, die vanwege de volgende fout niet kan worden gestart:
              %%1058

              Event Record #/Type17207 / Error
              Event Submitted/Written: 04/20/2008 09:54:32 PM
              Event ID/Source: 7001 / Service Control Manager
              Event Description:
              De Windows Media Player Network Sharing-service-service is afhankelijk van de Universele Plug en Play-apparaathost-service, die vanwege de volgende fout niet kan worden gestart:
              %%1068

              Event Record #/Type17206 / Error
              Event Submitted/Written: 04/20/2008 09:54:32 PM
              Event ID/Source: 7001 / Service Control Manager
              Event Description:
              De Universele Plug en Play-apparaathost-service is afhankelijk van de SSDP Discovery-service-service, die vanwege de volgende fout niet kan worden gestart:
              %%1058

              Event Record #/Type17203 / Error
              Event Submitted/Written: 04/20/2008 09:52:00 PM
              Event ID/Source: 7026 / Service Control Manager
              Event Description:
              De volgende opstartstuurprogramma's zijn niet geladen:
              Aavmker4
              AFD
              AmdK7
              aswSP
              aswTdi
              Fips
              IPSec
              MRxSmb
              NetBIOS
              NetBT
              RasAcd
              Rdbss
              Tcpip



              -- End of Deckard's System Scanner: finished at 2008-04-20 22:04:17 ------------

              Comment


              • #8
                ik heb inmiddels ook het progamma van
                spyware blaster geinstaleert
                en t progamma firefox i.p.v internet explorer
                Last edited by willie55; 20-04-08, 23:09.

                Comment


                • #9
                  Verwijder dit bestand:
                  C:\WINDOWS\system32\nsv10.dll

                  Start Hijackthis en vink alleen de volgende regels aan:
                  R3 - URLSearchHook: (no name) - - (no file)
                  O2 - BHO: (no name) - {4E1C70A1-3016-4CDC-8DB8-953ADF40B612} - C:\WINDOWS\system32\at.dll (file missing)
                  O2 - BHO: cpmsky browser optimizer - {709556e6-9207-b9f3-034a-5d6a8ad9b7a1} - C:\WINDOWS\system32\{c7c73b18-a4c4-0c9b-409f-0b386e4f8ba5}.dll (file missing)
                  O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
                  O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
                  O9 - Extra button: (no name) - {AEF9B8DB-0DEF-4c0b-8209-661C9E82B8C3} - C:\Program Files\WinSysClean 2008 Trial\UDManager\UDManager.exe (file missing)
                  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

                  Sluit alle openstaande vensters(behalve Hijackthis) en klik op "Fix checked".

                  Herstart de computer.

                  Post na de herstart een nieuw logje van Hijackthis en vertel of er nog problemen zijn

                  Comment


                  • #10
                    Logfile of Trend Micro HijackThis v2.0.2
                    Scan saved at 23:57:09, on 20-4-2008
                    Platform: Windows XP SP2 (WinNT 5.01.2600)
                    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                    Boot mode: Normal

                    Running processes:
                    C:\WINDOWS\System32\smss.exe
                    C:\WINDOWS\system32\winlogon.exe
                    C:\WINDOWS\system32\services.exe
                    C:\WINDOWS\system32\lsass.exe
                    C:\WINDOWS\system32\svchost.exe
                    C:\Program Files\Windows Defender\MsMpEng.exe
                    C:\WINDOWS\System32\svchost.exe
                    C:\WINDOWS\system32\spoolsv.exe
                    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                    C:\Program Files\Alwil Software\Avast4\ashServ.exe
                    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                    C:\WINDOWS\System32\svchost.exe
                    F:\iWin Games\iWinGamesInstaller.exe
                    C:\WINDOWS\system32\HPZipm12.exe
                    D:\Alcohol 120\StarWind\StarWindServiceAE.exe
                    C:\WINDOWS\Explorer.EXE
                    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                    C:\WINDOWS\system32\WgaTray.exe
                    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                    C:\Program Files\Windows Media Player\WMPNSCFG.exe
                    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
                    C:\WINDOWS\system32\ctfmon.exe
                    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                    C:\WINDOWS\system32\wuauclt.exe
                    C:\Program Files\Windows Live\Messenger\usnsvc.exe
                    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\Spybot - Search & Destroy\SDHelper.dll
                    O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
                    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
                    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
                    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
                    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
                    O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe
                    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                    O4 - Startup: iWin Desktop Alerts.lnk = C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
                    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
                    O9 - Extra button: (no name) - {AEF9B8DB-0DEF-4c0b-8209-661C9E82B8C3} - C:\Program Files\WinSysClean 2008 Trial\UDManager\UDManager.exe (file missing)
                    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
                    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Spybot - Search & Destroy\SDHelper.dll
                    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Spybot - Search & Destroy\SDHelper.dll
                    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
                    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx
                    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
                    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Cate%20West%20-%20The%20Vanishing%20Files/Images/armhelper.ocx
                    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
                    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
                    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
                    O23 - Service: iWinGamesInstaller - iWin Inc. - F:\iWin Games\iWinGamesInstaller.exe
                    O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
                    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
                    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Alcohol 120\StarWind\StarWindServiceAE.exe
                    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

                    --
                    End of file - 6635 bytes


                    heel hartelijk bedankt heb er nog geen last van gehad
                    mocht t nog terug komen mag ik dan nog een beroep op u doen
                    vriendelijke groeten willie55 uit erp

                    Comment


                    • #11
                      Graag gedaan hoor

                      Doe dit nog:

                      Download Java Runtime Environment (JRE) 6u6.
                      • Scroll omlaag naar : "Java Runtime Environment (JRE) 6 Update 6".
                      • Klik op de "Download" knop aan de rechterkant.
                      • Vink aan: "Accept License Agreement", en klik op Continue.
                      • De pagina zal herladen.
                      • Klik op de Windows Offline Installation, Multi-language link ONDER Windows Platform - Java SE Runtime Environment 6 Update 6 en bewaar het op je Bureaublad.
                      • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
                      • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst. (met Java Runtime Environment (JRE of J2SE) in de naam.
                      • Herhaal dit tot alle oudere versies verdwenen zijn.
                      • Na het verwijderen van alle oudere versies, herstart je pc.
                      • Dubbelklik vervolgens op jre-6u6-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.


                      Download ATF cleaner (mirror)(gemaakt door Atribune)

                      Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

                      Dubbelklik op ATF cleaner om het programma te starten.
                      Op het tabblad "Main", plaats je een vinkje bij Select All.
                      Klik op de knop Empty Selected.

                      Het volgende doen als je ook FireFox als browser hebt:
                      Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                      Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                      (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                      Klik op de knop Empty Selected.

                      Het volgende doen als je ook Opera als browser hebt:
                      Klik op tabblad "Opera", plaats een vinkje bij Select All.
                      Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                      Klik op de knop Empty Selected.
                      Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                      Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
                      Kijk hier hoe je je systeemherstel moet uitschakelen.
                      Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

                      Verder mag je alle gebruikte programma's verwijderen

                      Comment


                      • #12
                        dit doe ik morgen welterusten en tot morgen

                        groeten willie55

                        Comment


                        • #13
                          beste smeenk hartelijk dank voor de snelle en goede uitleg
                          de pc heeft de hele dag aan gestaan maar nog steets geen reclame
                          een probleem de pc geeft aan dat dit geen orginele windouws is
                          ik heb de 25 code numering in gevoert maar hij zegt dat er een andere versie
                          op staat
                          maar al met al toch hartelijk dank
                          Last edited by willie55; 21-04-08, 16:07.

                          Comment


                          • #14
                            Graag gedaan hoor

                            Ik heb geen idee waarom je die melding m.b.t. een niet-legitieme versie krijgt, misschien even contact opnemen met Microsoft

                            Comment

                            Sorry, you are not authorized to view this page
                            Working...
                            X