Mededeling

Collapse
No announcement yet.

Spywareguard hyperactief, help!!!!!

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Spywareguard hyperactief, help!!!!!

    Na het installeren van msnplus is spywareguard doorgedraaid: om de paar seconden een melding dat er een of andere ''debiel'' mijn internetinstellingen wil wijzigen of heeft gewijzigd....

    Hier een Hijackthis logfile:

    Logfile of HijackThis v1.99.0
    Scan saved at 15:47:48, on 23-12-2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
    C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\System32\sistray.EXE
    C:\WINDOWS\System32\khooker.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Apoint2K\HidFind.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
    C:\Documents and Settings\Ozzie\Mijn documenten\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://web.lnzqeizdyhyildqsf.com/dUsIW0X/DLyfjosRSxN1SqFP3MzD9/93fy36qROHjJIXc2Dcgwsf/v9VTDiCeXfZ.htm
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Gramthislicenseobj] C:\Documents and Settings\All Users\Application Data\less stupid gram this\Bits bore.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
    O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.nl/download/msnmessengersetupdownloader.cab
    O23 - Service: AVSync Manager - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
    O23 - Service: McAfee Firewall - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    O23 - Service: McShield - Unknown - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
    O23 - Service: NICSer_WPC54G - Unknown - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
    O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    HELP!!Q

  • #2
    Oorspronkelijk geplaatst door gigabit
    * Start hijackthis en vink volgende items aan:

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)


    * Sluit alle open vensters behalve hijackthis en klik: Fix Checked.

    Reboot!! Post daarna een nieuw hijackthislogje
    Nog steeds geen verandering....die meldingen van spywareguard blijven komen, kheb een nieuwe log gemaakt:

    Logfile of HijackThis v1.99.0
    Scan saved at 16:57:56, on 23-12-2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
    C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
    C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\System32\sistray.EXE
    C:\WINDOWS\System32\khooker.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Apoint2K\HidFind.exe
    C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
    C:\Program Files\MRU-Blaster\scheduler.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Ozzie\Mijn documenten\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://pivuthnuzzhcaikaslrjjcij.com/dUsIW0X/DLyfjosRSxN1SqFP3MzD9/93fy36qROHjJLE4/0L/oflRf9VTDiCeXfZ.html
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Gramthislicenseobj] C:\Documents and Settings\All Users\Application Data\less stupid gram this\Bits bore.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
    O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.nl/download/msnmessengersetupdownloader.cab
    O23 - Service: AVSync Manager - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
    O23 - Service: McAfee Firewall - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    O23 - Service: McShield - Unknown - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
    O23 - Service: NICSer_WPC54G - Unknown - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
    O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    Zou je alsjeblieft nog even willen kijken waar het anders aan kan liggen

    Comment


    • #3
      ik heb die dingen aangevinkt en gewist, maar probleem is niet opgelost.Spywareguard blijft meldingen geven:
      _______________________________________________________________
      ''(!)An attempt to change Internet Explorer settings has been detected''
      WARNING! Your IE search bar has been changed!

      Your Internet Explorer current user search bar has been changed from
      <none>
      to
      http:www.tpsccsuvnmrwx.uk/..........................................

      What would you like to do?

      restore old value keep new value
      _______________________________________________________________
      (bij de puntjes een hele vage letter/cijfercombinatie, heel lang)

      Deze melding krijg ik dus steeds. Als ik op ''restore old value'' druk, krijg ik melding ''old IE search bar restored''-->druk op Ok en:

      Een seconde later krijg ik weer een dezelfde melding, maar dit keer een ander internetadres.

      Het blijft zo doorgaan


      Wat is er aan de hand?
      weer een hijacthislog dan maar:

      Logfile of HijackThis v1.99.0
      Scan saved at 18:10:30, on 23-12-2004
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
      C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
      C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
      C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
      C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
      C:\Program Files\Apoint2K\Apoint.exe
      C:\WINDOWS\System32\sistray.EXE
      C:\WINDOWS\System32\khooker.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
      C:\Program Files\Apoint2K\HidFind.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      c:\progra~1\intern~1\iexplore.exe
      C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
      C:\Program Files\MRU-Blaster\scheduler.exe
      C:\Program Files\SpywareGuard\sgmain.exe
      C:\Program Files\SpywareGuard\sgbhp.exe
      C:\Program Files\Screenshot Utility\ScreenshotUtility.exe
      C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Documents and Settings\Ozzie\Mijn documenten\hijackthis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vhdktyykwfbt.net/dUsIW0X/DLyfjosRSxN1SqFP3MzD9/93fy36qROHjJLmVEd4ybt2kP9VTDiCeXfZ.htm
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
      O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
      O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
      O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
      O4 - HKLM\..\Run: [Gramthislicenseobj] C:\Documents and Settings\All Users\Application Data\less stupid gram this\Bits bore.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
      O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe
      O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
      O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
      O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
      O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.nl/download/msnmessengersetupdownloader.cab
      O23 - Service: AVSync Manager - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
      O23 - Service: McAfee Firewall - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
      O23 - Service: McShield - Unknown - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
      O23 - Service: NICSer_WPC54G - Unknown - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
      O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


      Comment


      • #4
        Gigabit hou AUB op met antwoorden op Hijackthis log's

        Zie:


        Meld je anders aan bij "Helper in opleiding":
        Grtz Lex.

        Kijk ook even naar ==> de huisregels <==, dit kan zeer verhelderend werken.
        Moederbord / Processor; Gigabyte GA-X58 Extreme / Core i7 920 2,66GHz @3,67GHz.
        Koeler; Thermal right 120 Ultra Extreme met Sharkoon 120x120x25mm fan.
        Geheugen / Harddisks; Dominator GT 6GB 1600MHz in Triple-channel / OCZ Agility 2 60GB (SSD), OCZ Agility 2 120GB (SSD).
        Videokaarten / Monitoren; 2x Club3d GTX460 Overclocked Edition in SLI / 2x Samsung 2253BW (22 inch).
        Branders; Plextor 820SA.
        Speakers; Logitech z5500.
        Toetsenbord / Muis; Logitech G15 / G5.

        Comment


        • #5
          Hoi AntiSpaaiwehr,

          Gigabit is niet bevoegd om hier te helpen, dus ik neem het even over.


          1. Scan met HijackThis en vink de volgende items aan:
          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vhdktyykwfbt.net/dUsIW0X/...9VTDiCeXfZ.htm

          O4 - HKLM\..\Run: [Gramthislicenseobj] C:\Documents and Settings\All Users\Application Data\less stupid gram this\Bits bore.exe
          O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe
          Sluit alle vensters behalve HijackThis zelf en klik op "Fix checked".

          2. Herstart de pc in veilige modus.
          Mocht je niet weten hoe dat moet, kijk dan hier even: http://www.virushelp.nl/veilige_modus.htm

          Zorg ervoor dat verborgen bestanden en mappen worden weergegeven.
          Hier kun je lezen hoe dat moet: http://users.telenet.be/marcvn/spyware/1117602.htm

          Verwijder nu, in veilige modus dus, de volgende mappen:

          C:\Documents and Settings\All Users\Application Data\less stupid gram this <- die map
          C:\Documents and Settings\Ozzie\Application Data\ACTIVE~1 <- dat is die map waar "way loud.exe" in zit

          3. Herstart de pc in 'normale modus'.

          4. Maak een nieuw log en plaats dat hier.

          Comment


          • #6
            lekker is dat!!

            Wil er iemand checken of ik door hem verkeerde dingen heb verwijderd??

            en mijn probleem oplossen...aub

            Comment


            • #7
              wooowww, ik ga t proberen, be right back....

              Comment


              • #8
                RESPECT!!! probleem opgelost

                Log :

                Logfile of HijackThis v1.99.0
                Scan saved at 19:04:01, on 23-12-2004
                Platform: Windows XP SP2 (WinNT 5.01.2600)
                MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                Running processes:
                C:\WINDOWS\System32\smss.exe
                C:\WINDOWS\system32\winlogon.exe
                C:\WINDOWS\system32\services.exe
                C:\WINDOWS\system32\lsass.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\System32\svchost.exe
                C:\WINDOWS\system32\spoolsv.exe
                C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
                C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
                C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
                C:\WINDOWS\System32\svchost.exe
                C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
                C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
                C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
                C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
                C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
                C:\WINDOWS\Explorer.EXE
                C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
                C:\Program Files\Apoint2K\Apoint.exe
                C:\WINDOWS\System32\sistray.EXE
                C:\WINDOWS\System32\khooker.exe
                C:\WINDOWS\AGRSMMSG.exe
                C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
                C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
                C:\Program Files\Common Files\Real\Update_OB\realsched.exe
                C:\Program Files\Apoint2K\HidFind.exe
                C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
                C:\Program Files\Apoint2K\Apntex.exe
                C:\WINDOWS\system32\ctfmon.exe
                C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
                C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
                C:\Program Files\MRU-Blaster\scheduler.exe
                C:\Program Files\SpywareGuard\sgmain.exe
                C:\WINDOWS\system32\wuauclt.exe
                C:\Program Files\SpywareGuard\sgbhp.exe
                C:\Documents and Settings\Ozzie\Mijn documenten\hijackthis.exe

                O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
                O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
                O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
                O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
                O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
                O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
                O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
                O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
                O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
                O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
                O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
                O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
                O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
                O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe
                O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
                O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
                O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
                O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
                O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.nl/download/msnmessengersetupdownloader.cab
                O23 - Service: AVSync Manager - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
                O23 - Service: McAfee Firewall - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
                O23 - Service: McShield - Unknown - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
                O23 - Service: NICSer_WPC54G - Unknown - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
                O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

                Thnx...

                Comment


                • #9
                  Niet te vroeg juichen, we zijn er nog niet helemaal.


                  1. Scan met HijackThis en vink het volgende item aan:

                  O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe

                  Sluit alle vensters behalve HijackThis zelf en klik op "Fix checked".

                  2. Herstart de pc in veilige modus en verwijder de volgende map (indien nog aanwezig):

                  C:\Documents and Settings\Ozzie\Application Data\ACTIVE~1 <- die map (de naam van de map begint dus met "Active...", het bestand "way loud.exe" zit erin)

                  3. Herstart de pc in 'normale modus'.

                  4. Maak een nieuw log en plaats dat hier.

                  Comment


                  • #10
                    Oorspronkelijk geplaatst door Buffy
                    Niet te vroeg juichen, we zijn er nog niet helemaal.


                    1. Scan met HijackThis en vink het volgende item aan:

                    O4 - HKCU\..\Run: [Antepeak] C:\DOCUME~1\Ozzie\APPLIC~1\ACTIVE~1\way loud.exe

                    Sluit alle vensters behalve HijackThis zelf en klik op "Fix checked".

                    2. Herstart de pc in veilige modus en verwijder de volgende map (indien nog aanwezig):

                    C:\Documents and Settings\Ozzie\Application Data\ACTIVE~1 <- die map (de naam van de map begint dus met "Active...", het bestand "way loud.exe" zit erin)

                    3. Herstart de pc in 'normale modus'.

                    4. Maak een nieuw log en plaats dat hier.
                    Ik heb gedaan wat je hebt beschreven, map was alleen niet te vinden. Ik neem aan dat ie weg is

                    Nogmaals een log:

                    Logfile of HijackThis v1.99.0
                    Scan saved at 19:39:00, on 23-12-2004
                    Platform: Windows XP SP2 (WinNT 5.01.2600)
                    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                    Running processes:
                    C:\WINDOWS\System32\smss.exe
                    C:\WINDOWS\system32\winlogon.exe
                    C:\WINDOWS\system32\services.exe
                    C:\WINDOWS\system32\lsass.exe
                    C:\WINDOWS\system32\svchost.exe
                    C:\WINDOWS\System32\svchost.exe
                    C:\WINDOWS\system32\spoolsv.exe
                    C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
                    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
                    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
                    C:\WINDOWS\System32\svchost.exe
                    C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
                    C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
                    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
                    C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
                    C:\WINDOWS\Explorer.EXE
                    C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
                    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
                    C:\Program Files\Apoint2K\Apoint.exe
                    C:\WINDOWS\System32\sistray.EXE
                    C:\WINDOWS\System32\khooker.exe
                    C:\WINDOWS\AGRSMMSG.exe
                    C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
                    C:\Program Files\Apoint2K\HidFind.exe
                    C:\Program Files\Apoint2K\Apntex.exe
                    C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
                    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
                    C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
                    C:\WINDOWS\system32\ctfmon.exe
                    C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
                    C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
                    C:\Program Files\MRU-Blaster\scheduler.exe
                    C:\Program Files\SpywareGuard\sgmain.exe
                    C:\WINDOWS\system32\wuauclt.exe
                    C:\Program Files\SpywareGuard\sgbhp.exe
                    C:\Documents and Settings\Ozzie\Mijn documenten\hijackthis.exe

                    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
                    O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
                    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
                    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
                    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
                    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
                    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
                    O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
                    O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
                    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
                    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
                    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
                    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                    O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
                    O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
                    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
                    O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
                    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
                    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.nl/download/msnmessengersetupdownloader.cab
                    O23 - Service: AVSync Manager - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
                    O23 - Service: McAfee Firewall - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
                    O23 - Service: McShield - Unknown - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
                    O23 - Service: NICSer_WPC54G - Unknown - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
                    O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

                    Kan ik nu wel juichen?

                    Comment


                    • #11
                      Je mag nu juichen.

                      Comment


                      • #12
                        Oorspronkelijk geplaatst door Buffy
                        Je mag nu juichen.
                        En van je heeeeeelaaa helaaaaaaa helaaaaaaaaa hoooooooooooooohooolaaaaaaaaaaaaaaaaaaa HE!!

                        Comment

                        Sorry, you are not authorized to view this page
                        Working...
                        X