SSL-certificaat van Xolphin Powered by Cloud VPS - High Availability Cloud Servers Steun Nucia, doneer!
Resultaten 1 tot 14 van de 14
  1. #1

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103

    Computer hangt vas bij opstarten

    (vals alarm ik heb het zelf kunnen repareren. Ik stoor me er wel aan dat antivir een virus niet kon weg krijgen. Is dit erg. Als je toch nog even snel zou willen kijken graag. (hoeft niet ik hoor het wel)



    Hallo mijn pc hangt vast als ik wil opstarte. Hij laad wel eventjes dan laad hij een programma van mijn beeldscherm. Dit gaat weg en als ik dan in de start balk ga staan zit een zandloper. Meestal stopt hij ook met dingen opstarten hierna. Het laatste gekke wat ik heb gedaan is een virus scanner downloaden genaamd avira of antivir.

    Ik heb uiteraard ook gescant !



    Avira AntiVir Premium
    Report file date: dinsdag 20 oktober 2009 18:02

    Scanning for 1807480 virus strains and unwanted programs.

    Licensee : mark pennings
    Serial number : 2204198735-PEPWE-0001
    Platform : Windows XP
    Windows version : (Service Pack 2) [5.1.2600]
    Boot mode : Save mode with network
    Username : Mark
    Computer name : MARK-80YGD7NCA1

    Version information:
    BUILD.DAT : 9.0.0.447 21381 Bytes 26-8-2009 16:30:00
    AVSCAN.EXE : 9.0.3.7 466689 Bytes 19-10-2009 21:43:28
    AVSCAN.DLL : 9.0.3.0 40705 Bytes 19-10-2009 21:43:28
    LUKE.DLL : 9.0.3.2 209665 Bytes 19-10-2009 21:43:41
    LUKERES.DLL : 9.0.2.0 12033 Bytes 19-10-2009 21:43:41
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27-10-2008 21:42:57
    ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24-6-2009 21:43:05
    ANTIVIR2.VDF : 7.1.6.112 4833792 Bytes 15-10-2009 21:43:12
    ANTIVIR3.VDF : 7.1.6.128 134656 Bytes 20-10-2009 13:24:15
    Engineversion : 8.2.1.35
    AEVDF.DLL : 8.1.1.2 106867 Bytes 19-10-2009 21:43:18
    AESCRIPT.DLL : 8.1.2.35 483707 Bytes 19-10-2009 21:43:18
    AESCN.DLL : 8.1.2.5 127346 Bytes 19-10-2009 21:43:17
    AERDL.DLL : 8.1.3.2 479604 Bytes 19-10-2009 21:43:17
    AEPACK.DLL : 8.2.0.0 422261 Bytes 19-10-2009 21:43:17
    AEOFFICE.DLL : 8.1.0.38 196987 Bytes 19-10-2009 21:43:16
    AEHEUR.DLL : 8.1.0.167 2011511 Bytes 19-10-2009 21:43:16
    AEHELP.DLL : 8.1.7.0 237940 Bytes 19-10-2009 21:43:14
    AEGEN.DLL : 8.1.1.67 364916 Bytes 19-10-2009 21:43:14
    AEEMU.DLL : 8.1.1.0 393587 Bytes 19-10-2009 21:43:13
    AECORE.DLL : 8.1.8.1 184693 Bytes 19-10-2009 21:43:13
    AEBB.DLL : 8.1.0.3 53618 Bytes 19-10-2009 21:43:12
    AVWINLL.DLL : 9.0.0.3 18177 Bytes 19-10-2009 21:43:30
    AVPREF.DLL : 9.0.3.0 44289 Bytes 19-10-2009 21:43:27
    AVREP.DLL : 8.0.0.3 155905 Bytes 19-10-2009 21:43:54
    AVREG.DLL : 9.0.0.0 36609 Bytes 19-10-2009 21:43:28
    AVARKT.DLL : 9.0.0.3 292609 Bytes 19-10-2009 21:43:21
    AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 19-10-2009 21:43:24
    SQLITE3.DLL : 3.6.1.0 326401 Bytes 19-10-2009 21:43:45
    SMTPLIB.DLL : 9.2.0.25 28417 Bytes 19-10-2009 21:43:45
    NETNT.DLL : 9.0.0.0 11521 Bytes 19-10-2009 21:43:42
    RCIMAGE.DLL : 9.0.0.28 2623745 Bytes 19-10-2009 21:42:34
    RCTEXT.DLL : 9.0.37.0 90369 Bytes 19-10-2009 21:42:34

    Configuration settings for the scan:
    Jobname.............................: Complete system scan
    Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
    Logging.............................: low
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Boot sectors........................: C:,
    Process scan........................: on
    Scan registry.......................: on
    Search for rootkits.................: on
    Integrity checking of system files..: off
    Scan all files......................: All files
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: medium
    Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

    Start of the scan: dinsdag 20 oktober 2009 18:02

    Starting search for hidden objects.
    The driver could not be initialized.

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'SpySweeper.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    17 processes with 17 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '68' files ).


    Starting the file scan:

    Begin scan in 'C:\' <XP>
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    [NOTE] This file is a Windows system file.
    [NOTE] This file cannot be opened for scanning.
    C:\Documents and Settings\Mark\Local Settings\Temp\GnBpzRkN.rar.part
    [0] Archive type: RAR
    --> v1.21a Loader\Files\Warcraft III.exe
    [DETECTION] Is the TR/Agent.149926.A Trojan
    --> v1.21a Loader\Files\World Editor.exe
    [DETECTION] Is the TR/Spy.149934.A Trojan
    C:\Documents and Settings\Mark\Local Settings\Temporary Internet Files\Content.IE5\SP6V0X2R\getpromo[1].htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    C:\Documents and Settings\Mark\RVAXO\RVAXO3
    [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
    C:\RECYCLER\S-1-5-21-789336058-492894223-725345543-1004\Dc550.exe
    [DETECTION] Is the TR/Agent.AG.520 Trojan
    C:\System Volume Information\_restore{5B33635B-2ADE-4077-9A04-406733D9D94C}\RP604\A0279762.exe
    [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
    C:\WINDOWS\NirCmd.exe
    [DETECTION] Contains recognition pattern of the APPL/NirCmd.3 application

    Beginning disinfection:
    C:\Documents and Settings\Mark\Local Settings\Temp\GnBpzRkN.rar.part
    [NOTE] The file was moved to '4b1ffd84.qua'!
    C:\Documents and Settings\Mark\Local Settings\Temporary Internet Files\Content.IE5\SP6V0X2R\getpromo[1].htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was moved to '4b51fd7b.qua'!
    C:\Documents and Settings\Mark\RVAXO\RVAXO3
    [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
    [NOTE] The file was moved to '4b1efd6c.qua'!
    C:\RECYCLER\S-1-5-21-789336058-492894223-725345543-1004\Dc550.exe
    [DETECTION] Is the TR/Agent.AG.520 Trojan
    [NOTE] The file was moved to '4b12fd79.qua'!
    C:\System Volume Information\_restore{5B33635B-2ADE-4077-9A04-406733D9D94C}\RP604\A0279762.exe
    [DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
    [NOTE] The file was moved to '4b0ffd46.qua'!
    C:\WINDOWS\NirCmd.exe
    [DETECTION] Contains recognition pattern of the APPL/NirCmd.3 application
    [NOTE] The file was moved to '4b4ffd7f.qua'!


    End of the scan: dinsdag 20 oktober 2009 20:10
    Used time: 2:07:39 Hour(s)

    The scan has been canceled!

    13643 Scanned directories
    570432 Files were scanned
    7 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 files were deleted
    0 Viruses and unwanted programs were repaired
    6 Files were moved to quarantine
    0 Files were renamed
    1 Files cannot be scanned
    570424 Files not concerned
    4274 Archives were scanned
    1 Warnings
    7 Notes

    Hier is de hijack this log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:02:54, on 20-10-2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Mark\Bureaublad\HijackThis(2).exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
    O4 - HKLM\..\Run: [winlog] winlog.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Philips Display\SmartControl II\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    O4 - HKCU\..\Run: [BoostSpeed] "C:\Program Files\AusLogics BoostSpeed\BoostSpeed.exe" /Q
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [viwc] C:\WINDOWS\system32\viwc.exe
    O4 - HKCU\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: -
    O4 - Global Startup: -
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O18 - Protocol: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - C:\WINDOWS\system32\alading.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs:
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - (no file)
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - (no file)
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 9549 bytes
    Laatst gewijzigd door meemai; 20-10-09 om 22:15.

  2. #2
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    De´nstalleer eerst ÚÚn van beide virusscanners.
    Meerdere actieve virusscanners gaan elkaar dwarszitten en de computer onnodig traag maken.


    Download MBAM (Malwarebytes' Anti-Malware) hier of hier.
    • Dubbelklik op mbam-setup.exe om het programma te installeren.
      • Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
      • Indien een update gevonden werd, zal die gedownload en ge´nstalleerd worden.
      • Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
      • Het scannen kan een tijdje duren, dus wees geduldig.
      • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
      • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
      • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
      • De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
      • Kopieer en plak de inhoud van het logje in je volgend antwoord, samen met een nieuw HijackThis log.
      Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
      Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

    Geef een update van de problemen.

  3. #3

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103
    Malwarebytes' Anti-Malware 1.41
    Database versie: 3005
    Windows 5.1.2600 Service Pack 2

    21-10-2009 21:37:56
    mbam-log-2009-10-21 (21-37-50).txt

    Scan type: Snelle Scan
    Objecten gescand: 136908
    Verstreken tijd: 22 minute(s), 14 second(s)

    Geheugenprocessen ge´nfecteerd: 0
    Geheugenmodulen ge´nfecteerd: 0
    Registersleutels ge´nfecteerd: 18
    Registerwaarden ge´nfecteerd: 8
    Registerdata bestanden ge´nfecteerd: 4
    Mappen ge´nfecteerd: 1
    Bestanden ge´nfecteerd: 7

    Geheugenprocessen ge´nfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen ge´nfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels ge´nfecteerd:
    HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijacker) -> No action taken.
    HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> No action taken.
    HKEY_CLASSES_ROOT\homeview (Trojan.DNSChanger) -> No action taken.
    HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\advantage (Adware.Vomba) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> No action taken.

    Registerwaarden ge´nfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Trojan.Zlob) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Trojan.Zlob) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlog (Trojan.Agent) -> No action taken.

    Registerdata bestanden ge´nfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (http://www.Google.com/) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (http://www.Google.com/) -> No action taken.

    Mappen ge´nfecteerd:
    C:\resycled (Trojan.DNSChanger) -> No action taken.

    Bestanden ge´nfecteerd:
    C:\resycled\boot.com (Trojan.DNSChanger) -> No action taken.
    C:\Documents and Settings\Mark\Application Data\Microsoft\svchost.exe (Backdoor.Bot) -> No action taken.
    C:\Documents and Settings\Mark\Application Data\Microsoft\winlog.exe (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\msa.exe (Trojan.Agent) -> No action taken.
    C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> No action taken.
    C:\WINDOWS\winlog.exe (Trojan.Agent) -> No action taken.


    Das niet al te best of wel xD ?

  4. #4
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    Volg aub de instructies die ik gegeven heb.
    Jouw logje geeft aan "No action". Je moet MBAM alles laten verwijderen en die log posten samen met een nieuwe hijackthislog.

  5. #5

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103
    Sorry sorry ik dacht dat je daarvoor betalen moest. =( Ik doe het opnieuw sorry nogmaals.


    alwarebytes' Anti-Malware 1.41
    Database versie: 3005
    Windows 5.1.2600 Service Pack 2

    21-10-2009 22:49:37
    mbam-log-2009-10-21 (22-49-37).txt

    Scan type: Snelle Scan
    Objecten gescand: 136978
    Verstreken tijd: 21 minute(s), 11 second(s)

    Geheugenprocessen ge´nfecteerd: 0
    Geheugenmodulen ge´nfecteerd: 0
    Registersleutels ge´nfecteerd: 18
    Registerwaarden ge´nfecteerd: 8
    Registerdata bestanden ge´nfecteerd: 4
    Mappen ge´nfecteerd: 1
    Bestanden ge´nfecteerd: 7

    Geheugenprocessen ge´nfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen ge´nfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels ge´nfecteerd:
    HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijacker) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\advantage (Adware.Vomba) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registerwaarden ge´nfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlog (Trojan.Agent) -> Quarantined and deleted successfully.

    Registerdata bestanden ge´nfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

    Mappen ge´nfecteerd:
    C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

    Bestanden ge´nfecteerd:
    C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mark\Application Data\Microsoft\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mark\Application Data\Microsoft\winlog.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\winlog.exe (Trojan.Agent) -> Delete on reboot.
    Laatst gewijzigd door meemai; 21-10-09 om 21:50.

  6. #6
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    Volg de instructies die ik geef aub, je vergeet de hijackthislog.

  7. #7

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103
    Sory ik was er gisteren niet zo bij. Sorry =(

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:44:53, on 22-10-2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\WINDOWS\system32\FsUsbExService.Exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\PixArt\PAC207\Monitor.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\PixArt\PAC7302\Monitor.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Philips Display\SmartControl II\DTHtml.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\LClock\LClock.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
    C:\Program Files\AusLogics BoostSpeed\BoostSpeed.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Philips Display\SmartControl II\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    O4 - HKCU\..\Run: [BoostSpeed] "C:\Program Files\AusLogics BoostSpeed\BoostSpeed.exe" /Q
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: -
    O4 - Global Startup: -
    O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.25\AMVConverter\grab.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O18 - Protocol: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - C:\WINDOWS\system32\alading.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs:
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - (no file)
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - (no file)
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10506 bytes

  8. #8
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    Ik zie dat je nog steeds 2 virusscanners gebruikt, dat is er nog eentje te veel.
    Zie de opmerking die ik eerder gaf: Meerdere scanners zitten elkaar dwars, maken je systeem traag. De´nstalleer ÚÚn van beiden.

    Geef een update van de problemen.

  9. #9

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103
    Citaat Oorspronkelijk geplaatst door Marckie Bekijk Berichten
    Ik zie dat je nog steeds 2 virusscanners gebruikt, dat is er nog eentje te veel.
    Zie de opmerking die ik eerder gaf: Meerdere scanners zitten elkaar dwars, maken je systeem traag. De´nstalleer ÚÚn van beiden.

    Geef een update van de problemen.
    Oei dan ben ik me daar onbewust van ik weet dat ik Nod32 heb. Maar welke is die tweede dan als ik vragen mag ?

  10. #10
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    Ik denk dat ik er vanavond niet goed bij ben
    Het zijn restjes die ik zag.

    Geef even een update van de problemen.

  11. #11

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103
    Haha dat maakt niet uit misschien heb ik je aangestoken. =p
    Uhm nouja hij gaat wel weer wat sneller. Hij kon juist wat dingen niet verwijderen met malaware bits geloof ik ik weet niet of dat schadelijk is. Maar zolang ik veilig zit. vind ik het prima. En bedankt. Hij gaat weer wat sneller. =)

  12. #12
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    Kan je even aangeven wat er niet verwijderd kon worden?

  13. #13

    Technische vaardigheid
    2.
    Besturingssysteem
    Windows XP Home/Pro
    Firewall
    Berichten
    103
    Citaat Oorspronkelijk geplaatst door Marckie Bekijk Berichten
    Kan je even aangeven wat er niet verwijderd kon worden?
    sorry mijn fout die werde verwijderd bij reboot dom dom dom >.< Heel erg bedankt voor je hulp =)

  14. #14
    Hoofd consumentenbeveiliging Schermafbeelding van Marckie
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 64
    Antivirus
    NOD32 Security Suite
    Firewall
    NOD32 Security Suite
    Berichten
    38.344
    Graag gedaan.

    Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
    Systeemherstel uitschakelen.


    Meer info over hoe je een nieuwe infectie kan voorkomen vind je hier.
    Lees ook dit artikel even door: Niets voor niets.
    Ga naar de website van Secunia ( http://secunia.com/vulnerability_scanning/online/ ) en laat de Secunia Online Software Inspector (OSI) je computer scannen.
    De Secunia Online Software Inspector scant de computer op programma's die niet geupdate zijn en daardoor ook mogelijke beveiligingslekken kunnen bevatten die ondermeer door malware misbruikt kunnen worden.
    Plaats voor je de scan start eventueel ook een vinkje bij 'Enable thorough system inspection'. Hierdoor kan OSI ook de programma's vinden indien deze niet op de standaardlocatie ge´nstalleerd zijn.
    Wordt een niet-up-to-date programma gevonden dan wordt deze in het rood als 'insecure' weergegeven en krijg je de mogelijk om via de 'download-link' de meest recente versie te downloaden.

    De status van deze thread staat op opgelost.
    Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk. Dit om het forum netjes en overzichtelijk te houden.
    Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privÚ bericht met verzoek om heropening.

    Happy surfing again.

Forum Rechten

  • Je mag geen nieuwe onderwerpen plaatsen
  • Je mag geen reacties plaatsen
  • Je mag geen bijlagen toevoegen
  • Je mag jouw berichten niet wijzigen