Mededeling

**sp910** · 02-05-08, 14:11

Heb een scan gedaan met Avast! die heeft niks gevonden :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:09, on 2-5-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\program files\windows defender\msmpeng.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\lavasoft\ad-aware 2007\aawservice.exe
c:\program files\alwil software\avast4\aswupdsv.exe
c:\program files\alwil software\avast4\ashserv.exe
c:\windows\system32\spoolsv.exe
c:\windows\explorer.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\program files\nero\nero8\nero backitup\nbservice.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\pnkbstra.exe
c:\program files\siteadvisor\6253\saservice.exe
c:\windows\system32\slserv.exe
c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\svchost.exe
c:\progra~1\alwils~1\avast4\ashdisp.exe
c:\windows\mixer.exe
c:\program files\lexmark 5200 series\lxbtbmgr.exe
c:\program files\lexmark 5200 series\lxbtbmon.exe
c:\program files\upc\bin\sprtcmd.exe
c:\windows\system32\taskmgr.exe
c:\program files\windows defender\msascui.exe
c:\program files\java\jre1.6.0_05\bin\jusched.exe
c:\program files\siteadvisor\6253\siteadv.exe
c:\windows\system32\ctfmon.exe
c:\program files\common files\nero\lib\nmbgmonitor.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\program files\alwil software\avast4\ashmaisv.exe
c:\program files\alwil software\avast4\ashwebsv.exe
c:\program files\common files\nero\lib\nmindexingservice.exe
c:\program files\common files\nero\lib\nmindexstoresvr.exe
c:\program files\windows live\contacts\wlcomm.exe
c:\program files\windows live\messenger\usnsvc.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\common files\microsoft shared\windows live\wlloginproxy.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
c:\windows\system32\notepad.exe

r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.startpagina.nl/
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
o1 - hosts: 127.255.255.255 serial.alcohol-soft.com
o2 - bho: adobe pdf reader link helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: (no name) - {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6253\siteadv.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o2 - bho: windows live sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
o3 - toolbar: &google - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
o3 - toolbar: mcafee siteadvisor - {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6253\siteadv.dll
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nwiz] nwiz.exe /install
o4 - hklm\..\run: [sw20] c:\windows\system32\sw20.exe
o4 - hklm\..\run: [sw24] c:\windows\system32\sw24.exe
o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hklm\..\run: [nerofiltercheck] c:\program files\common files\nero\lib\nerocheck.exe
o4 - hklm\..\run: [nbkeyscan] c:\program files\nero\nero8\nero backitup\nbkeyscan.exe
o4 - hklm\..\run: [avast!] c:\progra~1\alwils~1\avast4\ashdisp.exe
o4 - hklm\..\run: [c-media mixer] mixer.exe /startup
o4 - hklm\..\run: [lexmark 5200 series] c:\program files\lexmark 5200 series\lxbtbmgr.exe
o4 - hklm\..\run: [lxbtcats] rundll32 c:\windows\system32\spool\drivers\w32x86\3\lxbttime.dll,[email protected]
o4 - hklm\..\run: [faxcenterserver] c:\program files\lexmark fax solutions\fm3032.exe /s
o4 - hklm\..\run: [upc] c:\program files\upc\bin\sprtcmd.exe /p upc
o4 - hklm\..\run: [windows defender] c:\program files\windows defender\msascui.exe -hide
o4 - hklm\..\run: [quicktime task] c:\program files\quicktime\qttask.exe -atboottime
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 8.0\reader\reader_sl.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre1.6.0_05\bin\jusched.exe
o4 - hklm\..\run: [siteadvisor] c:\program files\siteadvisor\6253\siteadv.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [bgmonitor_{79662e04-7c6c-4d9f-84c7-88d8a56b10aa}] c:\program files\common files\nero\lib\nmbgmonitor.exe
o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
o4 - hkcu\..\run: [alcoholautomount] c:\program files\alcohol soft\alcohol 120\axcmd.exe /automount
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\googletoolbarnotifier.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o8 - extra context menu item: &download with &dap - c:\program files\dap premium\dapextie.htm
o8 - extra context menu item: download &all with dap - c:\program files\dap premium\dapextie2.htm
o8 - extra context menu item: sothink swf catcher - c:\program files\common files\sourcetec\swf catcher\internetexplorer.htm
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o9 - extra button: onderzoek - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.dll
o9 - extra button: sothink swf catcher - {e19adc6e-3909-43e4-9a89-b7b676377ee3} - c:\program files\common files\sourcetec\swf catcher\internetexplorer.htm
o9 - extra 'tools' menuitem: sothink swf catcher - {e19adc6e-3909-43e4-9a89-b7b676377ee3} - c:\program files\common files\sourcetec\swf catcher\internetexplorer.htm
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o16 - dpf: {20a60f0d-9afa-4515-a0fd-83bd84642501} (checkers class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
o16 - dpf: {4f1e5b1a-2a80-42ca-8532-2d05cb959537} (msn photo upload tool) - http://gfx2.hotmail.com/mail/w2/resources/msnpupld.cab
o16 - dpf: {55027008-315f-4f45-bbc3-8be119764741} (slide image uploader control) - http://static.slide.com/uploader/slideimageuploader.cab
o16 - dpf: {6414512b-b978-451d-a0d8-fcfdf33e833c} (wuwebcontrol class) - http://www.update.microsoft.com/windowsupdate/v6/v5controls/en/x86/client/wuweb_site.cab?1190385998125
o16 - dpf: {67a5f8dc-1a4b-4d66-9f24-a704ad929eee} (system requirements lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
o16 - dpf: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (divxbrowserplugin object) - http://download.divx.com/player/divxbrowserplugin.cab
o16 - dpf: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (muwebcontrol class) - http://www.update.microsoft.com/microsoftupdate/v6/v5controls/en/x86/client/muweb_site.cab?1206043704843
o16 - dpf: {745395c8-d0e1-4227-8586-624ca9a10a8d} (axismediacontrol class) - http://cam1.coloprovider.nl/activex/amc.cab
o16 - dpf: {7e980b9b-8ae5-466a-b6d6-da8cf814e78a} (mjlauncherctrl class) - http://messenger.zone.msn.com/en-us/a-luxr/mjolauncher.cab
o16 - dpf: {7fc1b346-83e6-4774-8d20-1a6b09b0e737} (windows live photo upload control) - http://cid-eb0b41d76bdc2ca7.spaces.live.com/photoupload/msnpupld.cab
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
o16 - dpf: {f5a7706b-b9c0-4c89-a715-7a0c6b05dd48} (minesweeper flags class) - http://messenger.zone.msn.com/binary/minesweeper.cab56986.cab
o23 - service: ad-aware 2007 service (aawservice) - lavasoft - c:\program files\lavasoft\ad-aware 2007\aawservice.exe
o23 - service: adobe lm service - adobe systems - c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
o23 - service: avast! iavs4 control service (aswupdsv) - alwil software - c:\program files\alwil software\avast4\aswupdsv.exe
o23 - service: avast! antivirus - alwil software - c:\program files\alwil software\avast4\ashserv.exe
o23 - service: avast! mail scanner - alwil software - c:\program files\alwil software\avast4\ashmaisv.exe
o23 - service: avast! web scanner - alwil software - c:\program files\alwil software\avast4\ashwebsv.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
o23 - service: lxbt_device - lexmark international, inc. - c:\windows\system32\lxbtcoms.exe
o23 - service: mscsptisrv - sony corporation - c:\program files\common files\sony shared\avlib\mscsptisrv.exe
o23 - service: nero backitup scheduler 3 - nero ag - c:\program files\nero\nero8\nero backitup\nbservice.exe
o23 - service: nmindexingservice - nero ag - c:\program files\common files\nero\lib\nmindexingservice.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
o23 - service: pacsptisvr - unknown owner - c:\program files\common files\sony shared\avlib\pacsptisvr.exe
o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
o23 - service: servicelayer - nokia. - c:\program files\pc connectivity solution\servicelayer.exe
o23 - service: siteadvisor-service (siteadvisor service) - unknown owner - c:\program files\siteadvisor\6253\saservice.exe
o23 - service: smartlinkservice (slservice) - smart link - c:\windows\system32\slserv.exe
o23 - service: sony spti service (sptisrv) - sony corporation - c:\program files\common files\sony shared\avlib\sptisrv.exe
o23 - service: starwind ae service (starwindserviceae) - rocket division software - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe
--
end of file - 11962 bytes

**smeenk** · 02-05-08, 15:21

Logje is slecht leesbaar door die kleurtjes, het lijkt wel leuk, maar je doet ons daar in ieder geval geen plezier mee

Maar ik zie verder geen sporen van infecties in je logje, zijn er op dit moment nog problemen?

Groeten smeenk

**sp910** · 02-05-08, 15:22

Sorry voor die kleurtjes

maar tot nu toe geen problemen, heb gister wel weer dat berichtje gehad :/

**smeenk** · 02-05-08, 15:24

Volgens je plaatje zit het in je systeemherstel.

Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
Kijk hier hoe je je systeemherstel moet uitschakelen.
Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

Dan denk ik dat het wel weer OK is

**sp910** · 02-05-08, 15:30

Oke bedankt, zal ik doen

**smeenk** · 02-05-08, 15:31

Graag gedaan hoor

Mededeling

Waarschuwing

Waarschuwing

Comment

Comment

Comment

Comment

Comment

Comment