Mededeling

Collapse
No announcement yet.

zeer vervuilde pc....

Collapse
X
Collapse
  •  
  • Page of 1
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    zeer vervuilde pc....

    Graag u hulp! Allerlei nieuwe ongevraagde werkbalken en ontelbare pop-ups.....Zeer irritant. Bij voorbaat dank.

    Logfile of HijackThis v1.99.0
    Scan saved at 17:35:06, on 2-1-2005
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\MSN Apps\Updater\01.02.3000.1001\nl\msnappau.exe
    C:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE
    C:\windows\system32\sp2ctr.exe
    C:\windows\system32\evthtm.exe
    C:\windows\system32\sncntr.exe
    C:\WINDOWS\gcjvoec.exe
    C:\windows\system32\msdmxm.exe
    C:\Program Files\Znbzf\Chaeyr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\Internet Explorer\ixplore.exe
    C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\docume~1\arno\locals~1\temp\wnk151.exe
    C:\Program Files\ISTsvc\istsvc.exe
    C:\Program Files\Admilli Service\AdmilliServ.exe
    C:\Program Files\Admilli Service\AdmilliKeep.exe
    C:\Program Files\Mirjam\Hijackthis\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.richfind.com/home/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - _{F432013E-2DF3-4D50-A5A7-6A3AEBEC793D} - (no file)
    R3 - URLSearchHook: (no name) - _{5383C79D-DB87-4678-BBC9-A0AC7B33195A} - (no file)
    R3 - URLSearchHook: Richfind - {5383C79D-DB87-4678-BBC9-A0AC7B33195A} - C:\WINDOWS\System32\Q1773312.dll
    O1 - Hosts: 69.20.16.183 search.netscape.com
    O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Richfind - {710590B2-AF48-44B3-8199-D4B8F5416224} - C:\WINDOWS\System32\Q1773312.dll
    O2 - BHO: Saristar - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - C:\WINDOWS\System32\saristar.dll
    O2 - BHO: Richfind - {D6ABBB3D-2CC8-4D24-B83D-1A9E9201ECE0} - C:\WINDOWS\System32\Q1773312.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\nl\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
    O3 - Toolbar: Richfind - {969A39D0-CE5F-4A6E-8A88-502FD2FD31A9} - C:\WINDOWS\System32\Q1773312.dll
    O3 - Toolbar: Richfind - {AE3A82EC-2970-4E9C-9945-1C83FFB22342} - C:\WINDOWS\System32\Q1773312.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\nl\msnappau.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [xvqawv] C:\WINDOWS\System32\xpqbmob.exe
    O4 - HKLM\..\Run: [Create A Monster] "C:\Program Files\Kudd.com\createAMonster.exe" -run
    O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
    O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
    O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
    O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm
    O4 - HKLM\..\Run: [DK2OSZEC] C:\WINDOWS\gcjvoec.exe
    O4 - HKLM\..\Run: [¢‰¸K0¨4W
    }ïÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
    O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
    O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰¸K0C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
    O4 - HKLM\..\Run: [zango] c:\program files\zango\showtimes\zango.exe
    O4 - HKLM\..\Run: [Msdmxm] c:\windows\system32\msdmxm.exe /nocomm
    O4 - HKLM\..\Run: [¢‰¸K0¨4W
    }ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
    O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
    O4 - HKLM\..\Run: [Tmzrvh] C:\Program Files\Znbzf\Chaeyr.exe
    O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
    O4 - HKLM\..\RunOnce: [Ad-aware] "C:\Program Files\Mirjam\Lavasoft\Ad-aware 6\Ad-aware.exe" "+b1"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1030.dll,InstantAccess
    O4 - HKCU\..\Run: [ixplore] "C:\Program Files\Internet Explorer\ixplore.exe"
    O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
    O4 - Startup: DLHelperEXE.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Richfind - {969A39D0-CE5F-4A6E-8A88-502FD2FD31A9} - C:\WINDOWS\System32\Q1773312.dll
    O9 - Extra button: Richfind - {AE3A82EC-2970-4E9C-9945-1C83FFB22342} - C:\WINDOWS\System32\Q1773312.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O18 - Filter: text/html - {9242F168-9392-4208-BF61-784D23A9C98D} - C:\WINDOWS\System32\Q1773312.dll
    O18 - Filter: text/plain - {9242F168-9392-4208-BF61-784D23A9C98D} - C:\WINDOWS\System32\Q1773312.dll
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    Labels: Geen
      • Citaat
    • #2
      Hoi Mirjam,

      Leuke collectie alvast. Ik wil wel even dat je het volgende voor me doet vooraleer we beginnen te fixen in hijackthis.
      Download Registrar Lite: http://www.resplendence.com/download/reglite.exe en installeer het.
      Open het programma en bovenaan zal je een adresvenster zien.

      Kopieer en plak volgende code in het adresvenster en klik op dat pijltje die ervan rechts staat.

      Code:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      Dan zal je een paars mapje zien met de naam 'run' links. Rechtsklik op dat mapje en kies voor export.
      Sla dit op op een plaats waar je het snel terugvindt.
      Wil je dat regbestandje dan even naar me doorsturen als je wil? Ik zal mijn mailadres via PM naar je sturen.

      We zullen dit waarschijnlijk in verschillende stappen moeten doen, maar eerst de grootste troep opruimen.

      * Download en installeer CCleaner
      Nog niet gebruiken

      * Download Adaware se, installeer het, laat het updaten, maar nog niet laten scannen!!!

      *Download Ad-Aware VX2 Cleaner Plug-In 1.03

      * Start hijackthis en vink volgende items aan indien nog aanwezig:

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.richfind.com/home/

      R3 - URLSearchHook: (no name) - _{F432013E-2DF3-4D50-A5A7-6A3AEBEC793D} - (no file)
      R3 - URLSearchHook: (no name) - _{5383C79D-DB87-4678-BBC9-A0AC7B33195A} - (no file)
      R3 - URLSearchHook: Richfind - {5383C79D-DB87-4678-BBC9-A0AC7B33195A} - C:\WINDOWS\System32\Q1773312.dll

      O1 - Hosts: 69.20.16.183 search.netscape.com

      O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL (file missing)
      O2 - BHO: Richfind - {710590B2-AF48-44B3-8199-D4B8F5416224} - C:\WINDOWS\System32\Q1773312.dll
      O2 - BHO: Saristar - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - C:\WINDOWS\System32\saristar.dll
      O2 - BHO: Richfind - {D6ABBB3D-2CC8-4D24-B83D-1A9E9201ECE0} - C:\WINDOWS\System32\Q1773312.dll

      O3 - Toolbar: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
      O3 - Toolbar: Richfind - {969A39D0-CE5F-4A6E-8A88-502FD2FD31A9} - C:\WINDOWS\System32\Q1773312.dll
      O3 - Toolbar: Richfind - {AE3A82EC-2970-4E9C-9945-1C83FFB22342} - C:\WINDOWS\System32\Q1773312.dll

      O4 - HKLM\..\Run: [xvqawv] C:\WINDOWS\System32\xpqbmob.exe
      O4 - HKLM\..\Run: [Create A Monster] "C:\Program Files\Kudd.com\createAMonster.exe" -run
      O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
      O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
      O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm
      O4 - HKLM\..\Run: [DK2OSZEC] C:\WINDOWS\gcjvoec.exe
      O4 - HKLM\..\Run: [¢‰¸K0¨4W}ïÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
      O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
      O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰¸K0C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
      O4 - HKLM\..\Run: [zango] c:\program files\zango\showtimes\zango.exe
      O4 - HKLM\..\Run: [Msdmxm] c:\windows\system32\msdmxm.exe /nocomm
      O4 - HKLM\..\Run: [¢‰¸K0¨4W}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
      O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
      O4 - HKLM\..\Run: [Tmzrvh] C:\Program Files\Znbzf\Chaeyr.exe
      O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
      O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1030.dll,InstantAccess
      O4 - HKCU\..\Run: [ixplore] "C:\Program Files\Internet Explorer\ixplore.exe"
      O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
      O4 - Startup: DLHelperEXE.exe

      O9 - Extra button: Richfind - {969A39D0-CE5F-4A6E-8A88-502FD2FD31A9} - C:\WINDOWS\System32\Q1773312.dll
      O9 - Extra button: Richfind - {AE3A82EC-2970-4E9C-9945-1C83FFB22342} - C:\WINDOWS\System32\Q1773312.dll

      O18 - Filter: text/html - {9242F168-9392-4208-BF61-784D23A9C98D} - C:\WINDOWS\System32\Q1773312.dll
      O18 - Filter: text/plain - {9242F168-9392-4208-BF61-784D23A9C98D} - C:\WINDOWS\System32\Q1773312.dll


      * Sluit nu alle vensters behalve hijackthis en klik op 'fix checked'

      * Start nu je pc op in VEILIGE MODE. Hoe start ik in veilige mode op.

      * Zorg ervoor dat je verborgen mappen en bestanden weergegeven zijn. Hoe deze weer te geven.

      * Ga via configuratiescherm naar software > programma's wijzigen/verwijderen en kijk of volgende programma's aanwezig zijn en de-installeer die:

      TSA
      ISTsvc
      Znbzf
      Admilli Service
      Zango
      Kudd.com
      SearchRelevancy

      * Zoek daarna via verkenner volgende items en verwijder deze manueel (de vetgedrukte items):

      C:\WINDOWS\System32\Q1773312.dll
      C:\WINDOWS\System32\saristar.dll
      C:\PROGRAM FILES\COMMON FILES\tsa <==deze map
      C:\Program Files\Internet Explorer\ixplore.exe <==Let op de spelling!! Pas op dat je iexplore.exe niet wist!!
      C:\Program Files\ISTsvc <==deze map
      C:\Program Files\Znbzf <==deze map
      C:\Program Files\Admilli Service <==deze map
      C:\WINDOWS\gcjvoec.exe
      c:\windows\system32\msdmxm.exe
      c:\program files\zango
      c:\windows\system32\sncntr.exe
      c:\windows\system32\evthtm.exe
      c:\windows\system32\sp2ctr.exe
      C:\Program Files\Kudd.com <==deze map
      C:\PROGRAM FILES\SEARCHRELEVANCY <==deze map
      C:\WINDOWS\System32\xpqbmob.exe

      * Start CCleaner en klik op Run Cleaner rechts onderaan.

      *Gebruik de VX2 Cleaner van adaware:
      *Hoe Lavasoft’s VX2 Cleaner add-on te gebruiken:

      Installeer de VX2 Cleaner
      Start Ad-Aware
      Ga naar “Add-ons”
      Kies VX2 Cleaner add-on en klik “Run Tool”
      Kies “Clean System”
      Reboot je computer
      Scan je computer volledig met Ad-Aware
      Laat het ieder gevonden VX2 object verwijderen
      Reboot je computer opnieuw
      Laat Adaware nog eens scannen om er zeker van te zijn dat alles weg is.

      Post daarna een nieuw hijackthislogje.
      Microsoft MVP - Consumer Security
      Director of Research @ Malwarebytes
      Mijn Blog
        • Citaat

        Comment

        • #3
          op verzoek van

          Heb de volledige handleiding doorgewerkt. Als het goed is is nu e.e.a. verwijderd.



          Logfile of HijackThis v1.99.0
          Scan saved at 20:04:45, on 3-1-2005
          Platform: Windows XP SP1 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Mirjam\Hijackthis\hijackthis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\nl\msntb.dll
          O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
          O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
          O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
          O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\nl\msnappau.exe"
          O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
          O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\AQUATI~1\AQ3HEL~1.EXE /partner AQ3
          O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
          O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰¸K0C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\gcjvoec.exe
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
          O9 - Extra button: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\shdocvw.dll
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
          O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
          O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
          O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
          O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
          O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
          O23 - Service: Norton AntiVirus Auto-Protect - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
          O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
          O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
          O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
          O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
            • Citaat

            Comment

            • #4
              Hoi Mirjam70,

              Je had een nieuwe thread geopend voor dit antwoord. Dat is niet de bedoeling. Reageer in het vervolg in deze thread door de knop "Post Reply" te gebruiken.
              Ik heb je antwoord nu even voor je op de juiste plaats gezet.
                • Citaat

                Comment

                • #5
                  sorry...

                  Sorry voor het verkeerd plaatsen van mijn reactie. Ik had erg veel haast en wilde toch snel reageren. 'k Zal in het vervolg beter de gebruiksaanwijzing lezen.
                    • Citaat

                    Comment

                    • #6
                      Mirjam, dat ziet er al stukken beter uit!! Well done!! Maar kan je eens een logje plaatsen in normale mode? Want dit logje heb je in veilige mode gemaakt.
                      Microsoft MVP - Consumer Security
                      Director of Research @ Malwarebytes
                      Mijn Blog
                        • Citaat

                        Comment

                        Vorige template Volgende
                        Sorry, you are not authorized to view this page
                        Working...
                        X
                        😀
                        🥰
                        🤢
                        😎
                        😡
                        👍
                        👎