Vraag & Antwoord

Beveiliging & privacy

Hijack-log in verband met onwisbare exe.file in temp

5 antwoorden
  • Logfile of HijackThis v1.99.0 Scan saved at 13:30:29, on 1-1-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe C:\Program Files\Everstrike Software\Universal Shield 3.2.0\US30Service.exe C:\Program Files\HHVcdV5Sys\VC5SecS.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\ezSP_Px.exe C:\WINDOWS\system32\TPWRTRAY.EXE C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\WINDOWS\system32\TDispVol.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\00THotkey.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SysDate\SysDate.exe C:\Program Files\Sitecom\Sitecom Wireless Network PC Card 54G WL-112\Installer\WINXP\WLANUTL.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Spam CSI - Crime Scene Investigator\Spam CSI.exe C:\Program Files\Teletekstbrowser\Teletekst.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Eset\nod32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\All Users\Application Data\CDROM TRUST BASH TWO\HOLD KIND.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\All Users\Application Data\CDROM TRUST BASH TWO\HOLD KIND.exe C:\Documents and Settings\All Users\Application Data\CDROM TRUST BASH TWO\HOLD KIND.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Spyware Stormer\SpywareStormer.exe C:\Program Files\Hijack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.krantenkoppen.be/?rub=koppen&cat=nedkr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:1044 R3 - URLSearchHook: HyperSearchHook - {AA736426-ED36-49CF-83A6-4C87A9ECEBF4} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {A743A1C7-EC5E-B87B-5CD5-DB41372BBEE1} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\USERCA~1\adminiso.exe O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 03 O4 - HKLM\..\Run: [TDispVol] TDispVol.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe" O4 - HKLM\..\Run: [Bash Two Poke Rect] C:\Documents and Settings\All Users\Application Data\CDROM TRUST BASH TWO\Size heart.exe O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [STORE WMA] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GLUEDE~1\Creative regs.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\The Weather Channel.exe O4 - HKCU\..\Run: [SysDate] "C:\Program Files\SysDate\SysDate.exe" O4 - Startup: Sitecom WL-112.lnk = C:\Program Files\Sitecom\Sitecom Wireless Network PC Card 54G WL-112\Installer\WINXP\WLANUTL.exe O4 - Startup: Spam CSI.exe.lnk = C:\Program Files\Spam CSI - Crime Scene Investigator\Spam CSI.exe O4 - Startup: Teletekst.lnk = C:\Program Files\Teletekstbrowser\Teletekst.exe O4 - Global Startup: SysDate.exe O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: eReference - C:\eRef\ahd.htm O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092985887855 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: IomegaAccess - Unknown - C:\Program Files\Iomega\Tools_NT\IOMEGAACCESS.EXE (file missing) O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service - Unknown - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Tmesbs32 - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe O23 - Service: US30Service - Unknown - C:\Program Files\Everstrike Software\Universal Shield 3.2.0\US30Service.exe O23 - Service: Virtual CD v5 Security service - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: ZipToA - Unknown - C:\WINDOWS\System32\ZipToA.exe
  • Zorg dat alle [url=http://users.pandora.be/marcvn/spyware/1117602.htm]verborgen bestanden weergegeven worden[/url]. Ga naar Configuratiescherm - Software - Programma's wijzigen of verwijderen. Deïnstalleer indien aanwezig de volgende programma's: Spyware Stormer Messengerplus Run nadien deze uninstaller: http://lop.com/new_uninstall.exe http://lop.com/toolbar_uninstall.exe Start de computer in [url=http://users.pandora.be/marcvn/spyware/1378056.htm]veilige modus[/url]. Sluit alle open vensters, run HijackThis nog een keer en laat volgende items repareren: [b:4dc2b5a7a4] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R3 - URLSearchHook: HyperSearchHook - {AA736426-ED36-49CF-83A6-4C87A9ECEBF4} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: (no name) - {A743A1C7-EC5E-B87B-5CD5-DB41372BBEE1} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\USERCA~1\adminiso.exe O4 - HKLM\..\Run: [Bash Two Poke Rect] C:\Documents and Settings\All Users\Application Data\CDROM TRUST BASH TWO\Size heart.exe O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe O4 - HKCU\..\Run: [STORE WMA] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GLUEDE~1\Creative regs.exe O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab [/b:4dc2b5a7a4] Verwijder de volgende bestanden en/of mappen indien aanwezig: C:\Program Files\Spyware Stormer C:\Documents and Settings\All Users\Application Data\CDROM TRUST BASH TWO C:\Program Files\Common Files\Hyperbar Ga naar start - uitvoeren en tik in: %TEMP% Je Temp-map wordt geopend. Selecteer alle bestanden en verwijder ze. Reboot de computer, run HijackThis opnieuw en post een nieuwe log.
  • Hier is mijn nieuwe hijack. Hartelijk dank voor alle moeite. Momenteel zit het exe bestand niet meer in mijn Temp folder. AH Logfile of HijackThis v1.99.0 Scan saved at 20:46:48, on 1-1-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe C:\Program Files\Everstrike Software\Universal Shield 3.2.0\US30Service.exe C:\Program Files\HHVcdV5Sys\VC5SecS.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\ezSP_Px.exe C:\WINDOWS\system32\TPWRTRAY.EXE C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\WINDOWS\system32\TDispVol.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\00THotkey.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\THEWEA~1\The Weather Channel.exe C:\Program Files\SysDate\SysDate.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SysDate.exe C:\Program Files\Sitecom\Sitecom Wireless Network PC Card 54G WL-112\Installer\WINXP\WLANUTL.exe C:\Program Files\Spam CSI - Crime Scene Investigator\Spam CSI.exe C:\Program Files\Teletekstbrowser\Teletekst.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.krantenkoppen.be/?rub=koppen&cat=nedkr R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:1044 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 03 O4 - HKLM\..\Run: [TDispVol] TDispVol.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\The Weather Channel.exe O4 - HKCU\..\Run: [SysDate] "C:\Program Files\SysDate\SysDate.exe" O4 - Startup: Sitecom WL-112.lnk = C:\Program Files\Sitecom\Sitecom Wireless Network PC Card 54G WL-112\Installer\WINXP\WLANUTL.exe O4 - Startup: Spam CSI.exe.lnk = C:\Program Files\Spam CSI - Crime Scene Investigator\Spam CSI.exe O4 - Startup: Teletekst.lnk = C:\Program Files\Teletekstbrowser\Teletekst.exe O4 - Global Startup: SysDate.exe O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: eReference - C:\eRef\ahd.htm O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092985887855 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service - Unknown - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Tmesbs32 - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe O23 - Service: US30Service - Unknown - C:\Program Files\Everstrike Software\Universal Shield 3.2.0\US30Service.exe O23 - Service: Virtual CD v5 Security service - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • Ik heb de nieuwe log gepost als antwoord op de eerdere. Dank!
  • Ziet er goed uit. Als alle problemen opgelost zijn doe het volgende: Maak de map met tijdelijke internetbestanden leeg: Configuratiescherm - Internetopties - tabblad Algemeen - klik bij Tijdelijke internetbestanden op Bestanden Verwijderen. Maak je Prullenbak leeg. Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in. [url=http://users.pandora.be/marcvn/spyware/1852808.htm]Systeemherstel uitschakelen[/url]. Bezoek regelmatig de [url=http://www.windowsupdate.com]Windows Update Site[/url]. Alleen zo ben je zeker dat je de nieuwste patches voor je besturingssysteem geïnstalleerd hebt. Als er nieuwe updates beschikbaar zijn, dan dowload en installeer je alle essentiële updates en service packs. Reboot je computer en controleer opnieuw. Herhaal deze procedure tot dat er geen essentiële updates meer zijn. Installeer ook [url=http://www.javacoolsoftware.com/spywareblaster.html]SpywareBlaster[/url] en [url=http://www.javacoolsoftware.com/spywareguard.html]Spywareguard[/url]. Gebruik je de laatste versie van Spybot Search & Destroy, en je maakt gebruik van de realtime protectie TeaTimer, dan moet je Spywareguard niet installeren. Meer info over hoe je een nieuwe infectie kan voorkomen vind je [url=http://users.pandora.be/marcvn/spyware/1564073.htm]hier[/url].

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.