Mededeling

Collapse
No announcement yet.

Spyware verwijderen

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Spyware verwijderen

    Beste Helper,

    Met AdAwar gescand SE, draai op XPhome

    Outlook express sluit spontaan na de eerste keer openen en men kan blijkbaar niet online binnenkomen op mijn server voor het spelen van een game.
    Diverse oplossingen vergeefs uitgeprobeerd. Vermoed dat spyware oorzaak is, zo en zo wil ik een check op spyware in het algemeen.

    Gaarne advies voor het verwijderen van spyware.

    bvd
    groet,

    Robin Hood


    Logfile of HijackThis v1.98.2
    Scan saved at 16:46:33, on 24-12-2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\apps\ABoard\AOSD.exe
    C:\NORMAN\Nvc\BIN\ZLH.EXE
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\iolo\Common\Task Agent\task_agent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Norman\Nvc\BIN\Zanda.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\NORMAN\Nvc\BIN\NYMSE.EXE
    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    C:\NORMAN\Nvc\BIN\NIP.EXE
    C:\NORMAN\Nvc\BIN\nvcoas.exe
    C:\NORMAN\Nvc\BIN\nipsvc.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\NORMAN\Nvc\BIN\NJEEVES.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\NORMAN\Nvc\BIN\cclaw.exe
    C:\Documents and Settings\Ed\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startkabel.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startkabel.nl/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [iolo Task Agent] C:\Program Files\iolo\Common\Task Agent\task_agent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/nl/big/1.1.62-big/GoogleNav.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp02.photoprintit.de/microsite/8/defaults/activex/XUpload.ocx
    O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
    Last edited by Robin hood; 24-12-04, 16:16.
    Labels: Geen
    • Citaat
  • #2
    Hoi Robin Hood,

    Installeer de nieuwste versie van HijackThis, versie 1.99.0: http://www.nucia.eu/...this/index.html
    Maak daarmee een nieuw log en plaats dat hier.
    • Citaat

    Comment

    • #3
      Beste Buffy,

      Dit is geloof ik de manier om te reageren op jouw vraag. Anders hoor ik het wel.
      groetjes,
      Robin


      Logfile of HijackThis v1.99.0
      Scan saved at 18:45:50, on 24-12-2004
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\apps\ABoard\ABoard.exe
      C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\apps\ABoard\AOSD.exe
      C:\NORMAN\Nvc\BIN\ZLH.EXE
      C:\Program Files\D-Tools\daemon.exe
      C:\Program Files\iolo\Common\Task Agent\task_agent.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Shareaza\Shareaza.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
      C:\Norman\Nvc\BIN\Zanda.exe
      C:\WINDOWS\system32\slserv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\wdfmgr.exe
      C:\NORMAN\Nvc\BIN\NYMSE.EXE
      C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
      C:\NORMAN\Nvc\BIN\NIP.EXE
      C:\NORMAN\Nvc\BIN\nvcoas.exe
      C:\NORMAN\Nvc\BIN\nipsvc.exe
      C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
      C:\NORMAN\Nvc\BIN\NJEEVES.EXE
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\System32\svchost.exe
      C:\NORMAN\Nvc\BIN\cclaw.exe
      C:\Program Files\Outlook Express\msimn.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Documents and Settings\Ed\Local Settings\Temporary Internet Files\Content.IE5\M8LBLHZG\hijackthis[1].exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startkabel.nl/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startkabel.nl/
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
      O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
      O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKCU\..\Run: [iolo Task Agent] C:\Program Files\iolo\Common\Task Agent\task_agent.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
      O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
      O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
      O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/nl/big/1.1.62-big/GoogleNav.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
      O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
      O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp02.photoprintit.de/microsite/8/defaults/activex/XUpload.ocx
      O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
      O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Norman API-hooking helper - Unknown - C:\NORMAN\Nvc\BIN\nipsvc.exe
      O23 - Service: Norman NJeeves - Unknown - C:\NORMAN\Nvc\BIN\NJEEVES.EXE
      O23 - Service: Norman ZANDA - Unknown - C:\Norman\Nvc\BIN\Zanda.exe
      O23 - Service: Norman Virus Control on-access component - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
      O23 - Service: Norman Virus Control Scheduler - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
      O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
      O23 - Service: Virtual CD v4 Security service (SDK - Version) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
      O23 - Service: WinTools for IE service - Unknown - C:\Program Files\Common Files\WinTools\WToolsS.exe (file missing)
      • Citaat

      Comment

      • #4
        Hallo Robin Hood,

        Je hebt HijackThis nu vanuit de map tijdelijke internetbestanden gedraaid. Dat is niet zo handig, want die map wordt nogal eens geleegd en dan ben je niet alleen HijackThis zelf kwijt maar de back-ups die het zal aanmaken ook.
        Ik raad je daarom aan HijackThis 1.99.0 even te unzippen naar een eigen map, bijvoorbeeld C:\Program Files\HJT. Draai het nu dus vanuit die map.


        1. Scan met HijackThis en vink het volgende item aan:

        O23 - Service: WinTools for IE service - Unknown - C:\Program Files\Common Files\WinTools\WToolsS.exe (file missing)

        Sluit alle vensters behalve HijackThis zelf en klik op "Fix checked".

        2. Start de pc opnieuw op.

        3. Maak een nieuw log en plaats dat hier.
        • Citaat

        Comment

        • #5
          Oke Buffy,

          Hierbij een nieuwe log zoals gevraagd.
          Groetjes,
          Robin
          Logfile of HijackThis v1.99.0
          Scan saved at 19:24:27, on 24-12-2004
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\csrss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\system32\spoolsv.exe
          C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
          C:\apps\ABoard\ABoard.exe
          C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
          C:\apps\ABoard\AOSD.exe
          C:\Program Files\QuickTime\qttask.exe
          C:\NORMAN\Nvc\BIN\ZLH.EXE
          C:\Program Files\D-Tools\daemon.exe
          C:\Program Files\iolo\Common\Task Agent\task_agent.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Shareaza\Shareaza.exe
          C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
          C:\Norman\Nvc\BIN\Zanda.exe
          C:\WINDOWS\system32\slserv.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\wdfmgr.exe
          C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
          C:\NORMAN\Nvc\BIN\NYMSE.EXE
          C:\NORMAN\Nvc\BIN\NIP.EXE
          C:\NORMAN\Nvc\BIN\nvcoas.exe
          C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
          C:\NORMAN\Nvc\BIN\nipsvc.exe
          C:\NORMAN\Nvc\BIN\NJEEVES.EXE
          C:\WINDOWS\System32\alg.exe
          C:\WINDOWS\System32\svchost.exe
          C:\NORMAN\Nvc\BIN\cclaw.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\Program Files\Outlook Express\msimn.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\wincmd\WINCMD32.EXE
          c:\Program Files\HijackThis\hijackthis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startkabel.nl/
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startkabel.nl/
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
          O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
          O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
          O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
          O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
          O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
          O4 - HKCU\..\Run: [iolo Task Agent] C:\Program Files\iolo\Common\Task Agent\task_agent.exe
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
          O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
          O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
          O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
          O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
          O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
          O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
          O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
          O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/nl/big/1.1.62-big/GoogleNav.cab
          O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
          O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
          O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
          O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
          O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
          O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp02.photoprintit.de/microsite/8/defaults/activex/XUpload.ocx
          O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
          O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
          O23 - Service: Norman API-hooking helper - Unknown - C:\NORMAN\Nvc\BIN\nipsvc.exe
          O23 - Service: Norman NJeeves - Unknown - C:\NORMAN\Nvc\BIN\NJEEVES.EXE
          O23 - Service: Norman ZANDA - Unknown - C:\Norman\Nvc\BIN\Zanda.exe
          O23 - Service: Norman Virus Control on-access component - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
          O23 - Service: Norman Virus Control Scheduler - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
          O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
          O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
          O23 - Service: Virtual CD v4 Security service (SDK - Version) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
          • Citaat

          Comment

          • #6
            Dit log is helemaal schoon.
            • Citaat

            Comment

            • #7
              Dankjewel, fijn kerstweekend gewenst!!!

              groet,

              Robin
              • Citaat

              Comment

              • #8
                Graag gedaan en prettige feestdagen!
                • Citaat

                Comment

                Vorige template Volgende
                Sorry, you are not authorized to view this page
                Working...
                X