Mededeling

Collapse
No announcement yet.

CiD Probleem!

Collapse
X
Collapse
  •  
  • Page of 1
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    CiD Probleem!

    Hallo Allen!

    Via, via op deze site terecht gekomen, ik hoop dat jullie mij kunnen helpen met mijn CID probleem.

    Ik heb dus last van CiD popups wanneer ik werk in inet explorer 7.
    Inmiddels de benodige spyware prog. laten scannen en tot dusver geen resultaat. Nu ik op dit forum verschillende posts heb gelezen begrijp ik waarom.

    Ik heb 2 logjes gemaakt, ik hoop dat jullie hiernaar kunnen kijken!

    Hijack This Log
    --
    Logfile of HijackThis v1.99.1
    Scan saved at 15:02:55, on 5-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\system32\dlcfcoms.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\DeltTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
    C:\Program Files\Novation\USB Audio Driver\nvnusbaudiolog.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\DOCUME~1\Sjefke\LOCALS~1\Temp\Rar$EX00.688\HijackThis.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Sjefke\LOCALS~1\Temp\Rar$EX00.485\deljob.exe
    C:\WINDOWS\system32\cmd.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alcatel.com/consumer/dsl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [NvnUsbAudioLogger] "C:\Program Files\Novation\USB Audio Driver\nvnusbaudiolog.exe"
    O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [MATH DOES FIRST MODE] C:\Documents and Settings\All Users\Application Data\live 64 math does\this log.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Microsoft Works Agenda-herinneringen.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116w.bay116.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1161717139562
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.famipix.com/ImageUploader3.cab
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Music Manager) - http://img.od2.com/installation/pluginname/music%20manager/MusicManagerPlugin.CAB
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F48E481E-9266-480A-8909-2F4CEC0890E3}: NameServer = 195.121.1.34 195.121.1.66
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe


    Deljob Log

    11-08-2007 13:42 <DIR> .
    11-08-2007 13:42 <DIR> ..
    04-08-2007 14:15 <DIR> Ableton
    15-01-2007 18:12 <DIR> Adobe
    16-01-2007 13:54 <DIR> AdobeUM
    24-10-2006 21:21 <DIR> BITTOR~1 BitTorrent
    04-06-2007 12:51 <DIR> Corel
    22-11-2006 14:20 <DIR> Google
    11-11-2006 15:53 <DIR> Help
    24-10-2006 17:34 <DIR> IDENTI~1 Identities
    04-06-2007 13:23 <DIR> JASCSO~1 Jasc Software Inc
    30-10-2007 15:18 <DIR> Lavasoft
    31-05-2007 10:43 <DIR> MACROM~1 Macromedia
    16-01-2007 20:27 <DIR> MCMPEG~1 MCMPEGEnc
    06-10-2007 20:57 <DIR> MICROS~1 Microsoft
    24-10-2006 19:31 <DIR> MICROS~2 Microsoft Web Folders
    30-01-2007 17:27 <DIR> Mozilla
    01-11-2006 15:02 <DIR> PROPEL~1 Propellerhead Software
    12-12-2006 18:36 <DIR> Real
    04-06-2007 12:55 <DIR> SECOND~1 SecondLife
    11-08-2007 13:42 <DIR> SecuROM
    20-03-2007 14:40 <DIR> Skype
    01-11-2006 15:43 <DIR> STEINB~1 Steinberg
    24-10-2006 18:44 <DIR> Sun
    02-11-2007 21:09 <DIR> Symantec
    17-03-2007 14:45 <DIR> Teleca
    31-10-2006 16:25 <DIR> vlc
    19-09-2007 17:17 <DIR> Winamp
    0 bestand(en) 0 bytes
    28 map(pen) 55.937.003.520 bytes beschikbaar
    Het volume in station C heeft geen naam.
    Het volumenummer is 0446-B421

    Map van C:\Documents and Settings\All Users\Application Data

    04-01-2008 19:39 <DIR> .
    04-01-2008 19:39 <DIR> ..
    15-11-2006 12:02 <DIR> Ableton
    15-01-2007 18:16 <DIR> Adobe
    04-06-2007 12:47 <DIR> Corel
    04-06-2007 12:58 <DIR> Google
    04-06-2007 13:24 <DIR> INSTAL~1 InstallShield
    05-10-2007 16:31 <DIR> iolo
    04-01-2008 19:39 <DIR> Lavasoft
    03-01-2008 22:06 <DIR> LIVE64~1 live 64 math does
    05-10-2007 16:32 <DIR> MAILFR~1 MailFrontier
    30-10-2007 15:18 <DIR> MICROS~1 Microsoft
    30-10-2006 11:30 <DIR> PROPEL~1 Propellerhead Software
    25-10-2006 13:38 <DIR> QUICKT~1 QuickTime
    16-01-2007 21:31 <DIR> Skype
    17-03-2007 14:14 <DIR> SONYER~1 Sony Ericsson
    05-01-2008 15:00 <DIR> Symantec
    17-03-2007 14:14 <DIR> Teleca
    24-10-2006 20:54 <DIR> WINDOW~1 Windows Genuine Advantage
    0 bestand(en) 0 bytes
    19 map(pen) 55.937.003.520 bytes beschikbaar
    Het volume in station C heeft geen naam.
    Het volumenummer is 0446-B421

    Map van C:\WINDOWS

    -------------------

    Alvast bedankt!
    Labels: Geen
      • Citaat
    • #2
      Gebruik je nog software van Symantec?

      1. Je gebruikt een veroudere versie van Hijackthis, download de nieuwste versie en werk
      vanaf nu daarmee: http://www.nucia.eu/forum/showthread.php?t=28820

      2. Start Hijackthis, kies voor 'Do a system scan only' en vink onderstaande regels aan:

      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O4 - HKLM\..\Run: [MATH DOES FIRST MODE] C:\Documents and Settings\All Users\Application Data\live 64 math does\this log.exe
      O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Music Manager) - http://img.od2.com/installation/plug...agerPlugin.CAB


      Sluit nu alle openstaande vensters, behalve Hijackthis en klik op Fix Checked.

      3. Download dit programma: GV Killer.exe

      Dubbelklik het, er zal een text-bestand openen. (input.txt)
      Verwijder de text die in dat bestand staat en plaats de volgende vetgedrukte regels er weer in:

      C:\Documents and Settings\All Users\Application Data\live 64 math does

      Sluit het textbestand en laat de wijzigingen opslaan
      Klik nu op de knop "Kill on reboot" en laat de PC herstarten.
      Na de herstart zal GV_Killer.exe opnieuw gestart worden, geef toestemming om de mappen te verwijderen.
      Als dat gelukt is mag je GV_Killer afsluiten.

      Post daarna een nieuw logje van Hijackthis.
      Groet,
      Pimmerd
        • Citaat

        Comment

        • #3
          Dankjewel voor je reactie pim!

          GV_killer gaf uiteindelijk geen optie tot het verwijderen van mappen.
          Hier is het nieuwe logje.

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 15:34:41, on 13-1-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16574)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\system32\dlcfcoms.exe
          C:\WINDOWS\eHome\ehRecvr.exe
          C:\WINDOWS\eHome\ehSched.exe
          C:\WINDOWS\system32\dllhost.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\WINDOWS\ehome\ehtray.exe
          C:\WINDOWS\stsystra.exe
          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
          C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
          C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
          C:\WINDOWS\system32\hkcmd.exe
          C:\WINDOWS\system32\igfxpers.exe
          C:\WINDOWS\eHome\ehmsas.exe
          C:\Program Files\DAEMON Tools\daemon.exe
          C:\WINDOWS\system32\DeltTray.exe
          C:\Program Files\QuickTime\qttask.exe
          C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
          C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
          C:\Program Files\Novation\USB Audio Driver\nvnusbaudiolog.exe
          C:\Program Files\Winamp\winampa.exe
          C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
          C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\MSN Messenger\MsnMsgr.Exe
          C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
          C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\MSN Messenger\usnsvc.exe
          C:\Documents and Settings\Sjefke\Local Settings\Temporary Internet Files\Content.IE5\ZYDBLPPL\HiJackThis[1].exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alcatel.com/consumer/dsl/
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
          O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
          O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
          O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
          O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
          O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
          O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
          O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
          O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
          O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
          O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
          O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
          O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
          O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
          O4 - HKLM\..\Run: [NvnUsbAudioLogger] "C:\Program Files\Novation\USB Audio Driver\nvnusbaudiolog.exe"
          O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16
          O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
          O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
          O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
          O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
          O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
          O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
          O4 - Global Startup: Microsoft Works Agenda-herinneringen.lnk = ?
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116w.bay116.mail.live.com/mail/resources/MsnPUpld.cab
          O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1161717139562
          O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
          O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.famipix.com/ImageUploader3.cab
          O17 - HKLM\System\CCS\Services\Tcpip\..\{F48E481E-9266-480A-8909-2F4CEC0890E3}: NameServer = 195.121.1.34 195.121.1.66
          O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
          O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
          O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
          O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

          --
          End of file - 10511 bytes
            • Citaat

            Comment

            • #4
              Ik zie geen sporen meer van de infectie in je logje

              Post voor de zekerheid even een nieuw deljob logje, aangezien je aangeeft dat de stap met GVkiller niet helemaal is goed gegaan.
              Groet,
              Pimmerd
                • Citaat

                Comment

                • #5
                  Hier 't deljob logje.

                  11-08-2007 13:42 <DIR> .
                  11-08-2007 13:42 <DIR> ..
                  04-08-2007 14:15 <DIR> Ableton
                  15-01-2007 18:12 <DIR> Adobe
                  16-01-2007 13:54 <DIR> AdobeUM
                  24-10-2006 21:21 <DIR> BITTOR~1 BitTorrent
                  04-06-2007 12:51 <DIR> Corel
                  22-11-2006 14:20 <DIR> Google
                  11-11-2006 15:53 <DIR> Help
                  24-10-2006 17:34 <DIR> IDENTI~1 Identities
                  04-06-2007 13:23 <DIR> JASCSO~1 Jasc Software Inc
                  30-10-2007 15:18 <DIR> Lavasoft
                  31-05-2007 10:43 <DIR> MACROM~1 Macromedia
                  16-01-2007 20:27 <DIR> MCMPEG~1 MCMPEGEnc
                  06-10-2007 20:57 <DIR> MICROS~1 Microsoft
                  24-10-2006 19:31 <DIR> MICROS~2 Microsoft Web Folders
                  30-01-2007 17:27 <DIR> Mozilla
                  01-11-2006 15:02 <DIR> PROPEL~1 Propellerhead Software
                  12-12-2006 18:36 <DIR> Real
                  04-06-2007 12:55 <DIR> SECOND~1 SecondLife
                  11-08-2007 13:42 <DIR> SecuROM
                  20-03-2007 14:40 <DIR> Skype
                  01-11-2006 15:43 <DIR> STEINB~1 Steinberg
                  24-10-2006 18:44 <DIR> Sun
                  02-11-2007 21:09 <DIR> Symantec
                  17-03-2007 14:45 <DIR> Teleca
                  31-10-2006 16:25 <DIR> vlc
                  19-09-2007 17:17 <DIR> Winamp
                  0 bestand(en) 0 bytes
                  28 map(pen) 50.352.214.016 bytes beschikbaar
                  Het volume in station C heeft geen naam.
                  Het volumenummer is 0446-B421

                  Map van C:\Documents and Settings\All Users\Application Data

                  13-01-2008 15:30 <DIR> .
                  13-01-2008 15:30 <DIR> ..
                  15-11-2006 12:02 <DIR> Ableton
                  15-01-2007 18:16 <DIR> Adobe
                  04-06-2007 12:47 <DIR> Corel
                  04-06-2007 12:58 <DIR> Google
                  04-06-2007 13:24 <DIR> INSTAL~1 InstallShield
                  05-10-2007 16:31 <DIR> iolo
                  04-01-2008 19:39 <DIR> Lavasoft
                  05-10-2007 16:32 <DIR> MAILFR~1 MailFrontier
                  30-10-2007 15:18 <DIR> MICROS~1 Microsoft
                  30-10-2006 11:30 <DIR> PROPEL~1 Propellerhead Software
                  25-10-2006 13:38 <DIR> QUICKT~1 QuickTime
                  16-01-2007 21:31 <DIR> Skype
                  17-03-2007 14:14 <DIR> SONYER~1 Sony Ericsson
                  05-01-2008 17:01 <DIR> SPYBOT~1 Spybot - Search & Destroy
                  13-01-2008 16:14 <DIR> Symantec
                  17-03-2007 14:14 <DIR> Teleca
                  24-10-2006 20:54 <DIR> WINDOW~1 Windows Genuine Advantage
                  0 bestand(en) 0 bytes
                  19 map(pen) 50.352.214.016 bytes beschikbaar
                  Het volume in station C heeft geen naam.
                  Het volumenummer is 0446-B421

                  Map van C:\WINDOWS
                    • Citaat

                    Comment

                    • #6
                      Ziet er weer goed uit!

                      Download ATF Cleaner (by Atribune)

                      Dubbelklik op ATF cleaner om het programma te starten.
                      Op het tabblad "Main", plaats je een vinkje bij Select All.
                      Klik op de knop Empty Selected.

                      Het volgende doen als je ook FireFox als browser hebt:
                      Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                      Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                      (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                      Klik op de knop Empty Selected.

                      Het volgende doen als je ook Opera als browser hebt:
                      Klik op tabblad "Opera", plaats een vinkje bij Select All.
                      Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                      Klik op de knop Empty Selected.
                      Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                      Lees om herhaling te voorkomen deze beveiligingstips nog eens door:
                      Jawwi.nl - Jawwi Startpagina
                      http://www.jawwi.nl/nederlands/tips/beveiligen/beveiligen.html
                      Jawwi.nl is een startpagina. Wij bieden een overzicht van alle handige links, en dat op 1 startpagina.
                      Groet,
                      Pimmerd
                        • Citaat

                        Comment

                        • #7
                          Tnx Pim!

                          Heb nergens meer last van! Dankjewel!
                            • Citaat

                            Comment

                            • #8
                              Graag gedaan

                              Ik zet de status van deze tread op opgelost
                              Groet,
                              Pimmerd
                                • Citaat

                                Comment

                                Vorige template Volgende
                                Sorry, you are not authorized to view this page
                                Working...
                                X
                                😀
                                🥰
                                🤢
                                😎
                                😡
                                👍
                                👎