HijackThis logfile

29 replies
  • Hey everyone,
    Can someone take a look at my logfile?
    If possible, please also give a bit of explanation so that I can learn and solve my problems myself in the future.

    Kind regards

    ———————————————————————————–

    Logfile of HijackThis v1.99.1
    Scan saved at 10:46:43 AM, on 3/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\S3tray2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Faisal Rafi\My Documents\My Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)
    O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
    O4 - Global Startup: palstart.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://*.billingnow.com
    O15 - Trusted Zone: http://*.reliablestats.com
    O15 - Trusted Zone: http://*.winantispyware.com
    O15 - Trusted Zone: http://*.winantivirus.com
    O15 - Trusted Zone: http://*.winantiviruspro.com
    O15 - Trusted Zone: http://*.winnanny.com
    O15 - Trusted Zone: http://*.winsoftware.com
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


  • PS: I have already removed the entries under O15 Trusted Zone with HijackThis.
  • welcome :)

    Those O15 lines don't come back?
    And there is some spyware on it that I would rather not remove with HijackThis, so first we will try another way :wink:

    [b]FiX[/b]

    [b]1)[/b] Show hidden folders/files
    Go to Start –> Control Panel –> ('Classic View') –> Folder Options –> "View" tab, scroll almost all the way down –> select "Show hidden files and folders". Uncheck "Hide extensions for known file types" –> OK

    [b]2)[/b] Download ewido anti-malware:
    http://www.ewido.net/en/

    [b]3)[/b] Update ewido.

    [b]4)[/b] Boot into [i]safe mode[/i]

    ''Start the computer''
    ''Tap F8 repeatedly''
    ''Select safe mode''

    [b]5)[/b] Start ewido and run a full system scan. Save the [i]report[/i]
    that you get at the end.

    [b]6)[/b] Boot normally again and run a system scan at Panda:

    http://www.pandasoftware.com/products/activescan?NRMODE=Published&NRORIGINALURL=%2factivescan%2f&NRNODEGUID=%7b3B202047-35D4-4DA2-B310-B1DBEC2971F2%7d&NRCACHEHINT=Guest

    [b]7)[/b] Save this [i]report[/i] as well.

    [b]8)[/b] Post the logs from

    [b]''Ewido''[/b]
    [b]''Hijackthis''[/b]
    [b]Panda activescan[/b]

    Good luck,

    Greetz ChRiStIaN :)
  • OK Chrizzz,
    I have carried out all of the above.
    See the various logfiles below.
    Thanks again, man


    ———————————————————
    ewido anti-malware - Scan report
    ———————————————————

    + Created on: 2:38:11 AM, 3/8/2006
    + Report-Checksum: 60ABC3BC

    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{27150F81-0877-42E9-AF13-55E5A3439A26} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{736b5468-bdad-41be-92d0-22ae2ddf7bcb} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{27150f81-0877-42e9-af13-55e5a3439a26} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll -> Adware.ISTBar : Cleaned with backup
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27150F81-0877-42E9-AF13-55E5A3439A26} -> Adware.Generic : Cleaned with backup
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27150F81-0877-42E9-AF13-55E5A3439A26} -> Adware.Generic : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ad.yieldmanager[4].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[2].txt -> TrackingCookie.Com : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ehg-cricinfo.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@linkbuddies[2].txt -> TrackingCookie.Linkbuddies : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    C:\WINDOWS\Downloaded Program Files\UERSM_0001_N57M0112NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Cleaned with backup


    ::Report End



    Logfile of HijackThis v1.99.1
    Scan saved at 1:28:19 PM, on 3/8/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\S3tray2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
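
Added example (not part of the original thread): a small Python script that compares two HijackThis logs, such as the scans of 3/7/2006 and 3/8/2006 posted above, and lists which entries were removed, added or left unchanged between them. The function names are made up for this example, and the embedded logs are shortened excerpts of the two logs above.

```python
import re

# HijackThis entry lines look like "O4 - HKLM\..\Run: [name] command".
# Section codes start with R, F, N or O followed by a number.
# Assumption: every entry sits on a single line (no wrapped lines).
ENTRY_RE = re.compile(r"^\s*([RFNO]\d{1,2}) - (.+?)\s*$")

# Shortened excerpt of the first log in this thread (scan of 3/7/2006).
LOG_BEFORE = r"""
Logfile of HijackThis v1.99.1
Scan saved at 10:46:43 AM, on 3/7/2006
Running processes:
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll (file missing)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
O4 - Global Startup: palstart.exe
O15 - Trusted Zone: http://*.winantivirus.com
O15 - Trusted Zone: http://*.winsoftware.com
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
"""

# Shortened excerpt of the second log in this thread (scan of 3/8/2006).
LOG_AFTER = r"""
Logfile of HijackThis v1.99.1
Scan saved at 1:28:19 PM, on 3/8/2006
Running processes:
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
"""


def parse_entries(log_text):
    """Return the (section, detail) pairs of a log.

    Header lines and the "Running processes" list do not match the
    entry pattern and are skipped.
    """
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def entry_sort_key(entry):
    """Sort by section letter, then numerically (O4 before O15), then by text."""
    section, detail = entry
    return (section[0], int(section[1:]), detail)


def compare_scans(before_text, after_text):
    """Compare two scans and report removed, added and unchanged entries."""
    before = set(parse_entries(before_text))
    after = set(parse_entries(after_text))
    return {
        "removed": sorted(before - after, key=entry_sort_key),
        "added": sorted(after - before, key=entry_sort_key),
        "unchanged": sorted(before & after, key=entry_sort_key),
    }


def format_report(result):
    """Render the comparison as plain text, one entry per line."""
    lines = []
    for label in ("removed", "added", "unchanged"):
        lines.append(f"{label} ({len(result[label])}):")
        for section, detail in result[label]:
            lines.append(f"  {section:<3} {detail}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(compare_scans(LOG_BEFORE, LOG_AFTER)))
```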

  • I will look at it later today.

    In any case, could you try this:

    Go to Start–>Settings–>Control Panel–>Add or Remove Programs–>[b]Uninstall ''winantivirus'[/b] If it is not listed, no problem.
    Could you also post the Panda log?
    Because you have not posted that one.

    Greetz chriz.
  • Winantivirus is not in the list.
    The Panda scan is running :wink:
  • The Panda scan:


    Incident Status Location

    Adware:adware/securityerror Not disinfected C:\WINDOWS\SYSTEM32\ot.ico
    Potentially unwanted tool:application/funweb Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8-2.inf
    Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
    Potentially unwanted tool:application/myway Not disinfected C:\PROGRAM FILES\MySearch
    Potentially unwanted tool:application/errorsafe Not disinfected C:\PROGRAM FILES\COMMON FILES\ErrorSafe
    Potentially unwanted tool:application/winantivirus2006 Not disinfected C:\PROGRAM FILES\COMMON FILES\WinAntiVirus Pro 2006
    Adware:adware/spywarestrike Not disinfected C:\WINDOWS\SYSTEM32\1024
    Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CURRENT_USER\SOFTWARE\MYWEBSEARCH
    Potentially unwanted tool:application/need2find Not disinfected HKEY_CURRENT_USER\SOFTWARE\NEED2FIND
    Spyware:spyware
    xtoolbar Not disinfected Windows Registry
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
    Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
    Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
    Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
    Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@winfixer[2].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@www.systemwarning[2].txt
    Potentially unwanted tool:Application/WinAntivirus Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\NI.UWA6P_0001_N56M1011\setup.exe
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@dist.belnk[2].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@metriweb[1].txt
    Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\Companion Wizard\compwiz.exe
    Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK.dll
    Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK{77FD32C6-EB21-45D4-AB4D-26D8E33026C8}.dll
    Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK{9E3E3608-D46E-4734-8774-CB845423FB97}.dll
    Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\WinAntiVirus Pro 2006\WapCHK.dll
    Potentially unwanted tool:Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf



  • Hey :-)

    So that was what I needed :wink:
    I am now going to write out a fix, and I will try the easier method first; if that does not work I have another fix in mind :-)

    [b]FiX:[/b]

    [b]1.[/b] In Control Panel –> Folder Options, check "Show hidden files and folders". Then also uncheck "Hide extensions for known file types". Then click Apply and OK.

    [b]2.[/b] Uninstall the following software using this method:

    ''Start–>Settings–>Control Panel–>Add or Remove Programs''

    [b]''Errorsafe''[/b]
    [b]''WinantivirusPro''[/b]
    [b]''Spyware strike''[/b]
    [b]''mywebsearch''[/b]
    [b]''winantivirus''[/b]

    [b]3.[/b] Boot into safe mode:

    [b]''Start the computer''[/b]
    [b]''While it boots, tap the F8 key repeatedly''[/b]
    [b]''Select ''safe mode''[/b]

    [b]3.[/b] Using [i]Windows Explorer[/i], look up the following [b]folders+files[/b] printed in bold, if present, and delete them:

    C:\WINDOWS\SYSTEM32\[b]ot.ico[/b]
    C:\WINDOWS\DOWNLOADED PROGRAM FILES\[b]f3initialsetup1.0.0.8-2.inf[/b] if you cannot find this [b]file[/b], do the following:

    Go to Start - Run and type the following command:
    regsvr32 /u occache.dll
    Press Enter.
    If you entered the command correctly, the message "Dll UnregisterServer van occache.dll geslaagd" appears. Click "OK" on that message.
    Then open the folder C:\Windows\Downloaded Program Files.
    Delete the file f3initialsetup1.0.0.8-2.inf from it (it will now be visible).

    Then go to Start - Run again and type:
    regsvr32 occache.dll

    Press Enter.

    If you entered the command correctly, the message "Dll RegisterServer van occache.dll geslaagd" now appears. Click "OK" on that message.

    Also look up and delete these files:

    C:\WINDOWS\[b]smdat32a.sys[/b]
    C:\WINDOWS\SYSTEM32\[b]1024[/b]
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\[b]NI.UWA6P_0001_N56M1011\setup.exe[/b]

    C:\Program Files\Common Files\[b]Companion Wizard[/b]\compwiz.exe
    C:\Program Files\Common Files\[b]Companion Wizard[/b]\WapCHK.dll

    [b]4.[/b] Boot into normal mode

    [b]5.[/b] Download ATF cleaner (made by Atribune)

    http://www.atribune.org/ccount/click.php?id=1


    Double-click ATF cleaner to start the program.
    On the "Main" tab, check Select All.
    Click the Empty Selected button.

    If you also use Firefox as a browser:
    Click the "Firefox" tab and check Select All.
    If you want to keep the passwords saved by Firefox, click "No" in the window that appears.
    (this removes the check mark at "Firefox saved passwords" again;)
    Click the Empty Selected button.

    If you also use Opera as a browser:
    Click the "Opera" tab and check Select All.
    If you want to keep the passwords saved by Opera, click "No" in the window that appears.
    Click the Empty Selected button.
    Go to the "Main" tab and click the Exit button to close the program.

    [b]6.[/b] Empty the following folders using [i]''Windows Explorer:[/i]

    [b]7.[/b] Now run another scan with ewido and Panda, and post a fresh HijackThis log.

    [b]8.[/b] [i]DESCRIBE[/i] your experiences, say which folders you managed to delete and which you did not, and post the logs from

    [b]''Ewido''[/b]
    [b]''Panda''[/b]
    [b]''Hijackthis[/b]

    Greetz [b]''Chrizz''[/b] :wink:
  • A small addition

    [quote="ChRizz."]
    [b]6.[/b] Empty the following folders using [i]Windows Explorer:[/i]

    [b]Temp - files[/b]
    C:\Documents and Settings\<username>\Local Settings\Temp\
    C:\Documents and Settings\<username>\Local Settings\Temporary Internet Files
    C:\Documents and Settings\<username>\Local Settings\Temporary Internet Files\content.ie5 <= if this folder is not shown, go to the Temporary Internet Files folder, type \content.ie5 after it in the address bar and press Enter
    C:\Windows\Temp\ [/quote]
    ATF cleaner does this, ChRizz.



    If you cannot find this file, C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8-2.inf,
    do the following:
    Go to Start - Run and type the following command:
    [b]regsvr32 /u occache.dll[/b]
    Press Enter.
    If you entered the command correctly, the message "Dll UnregisterServer van occache.dll geslaagd" appears. Click "OK" on that message.
    Then open the folder C:\Windows\Downloaded Program Files.
    Delete the file [b]f3initialsetup1.0.0.8-2.inf[/b] from it (it will now be visible).

    Then go to Start - Run again and type:
    [b]regsvr32 occache.dll[/b]

    Press Enter.

    If you entered the command correctly, the message "Dll RegisterServer van occache.dll geslaagd" now appears. Click "OK" on that message.
  • Thanks Mark!

    I am new to the ATF-cleaner program,
    and I am still in training, so it is very kind of you to add that. I will edit my post so that you can delete yours, OK?

    Greetz chriz.
  • I thought I recognised you from Hijackthis.nl?
    Just leave it as it is. The TS will manage.
  • Hi ChRizz.

    Please also add this link for downloading ATF cleaner:
    http://www.atribune.org/ccount/click.php?id=1

    Regards, smeenk :wink:
  • Hello Chrizz,
    I read that you had several recommendations regarding Panda.
    I also have a Panda problem and described it under:
    Anders (internet), subject: internet, author: gruijters
    Would you take a look at it?
    Thanks in advance. Timo
  • Hey everyone,
    I am currently in Germany, so I cannot carry out the suggested steps.
    I will be back on Tuesday and will carry them out then.
    In any case, thanks for the tips, Chrizz, Marc and Smeenk.


    8)
  • That's fine :)
    Enjoy the rest of your "holiday", if it is a holiday 8)
    I will see the logs appear once you have completed my step-by-step plan :wink:

    Greetz chriz
  • Yes, let's call it a holiday 8)
    See you later.
  • OK, I have done what was needed and will post the log files here.
    I have a question about the software:

    I could not find it on my PC. Was this fix something general, then?
  • Logfile of HijackThis v1.99.1
    Scan saved at 1:09:48 PM, on 3/14/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\S3tray2.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
    O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


  • Hi.. :)

    It is not so strange that you could not find the software :wink:
    Look, this is how I looked at it, and there was only a small chance that it would be on there {the software:}

    Your Panda log:

    Incident Status Location

    Adware:adware/securityerror Not disinfected C:\WINDOWS\SYSTEM32\ot.ico
    Potentially unwanted tool:application/funweb Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8-2.inf
    Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
    Potentially unwanted tool:application/myway Not disinfected C:\PROGRAM FILES\MySearch
    Potentially unwanted tool:application/errorsafe Not disinfected C:\PROGRAM FILES\COMMON FILES\ErrorSafe
    Potentially unwanted tool:application/winantivirus2006 Not disinfected C:\PROGRAM FILES\COMMON FILES\WinAntiVirus Pro 2006
    Adware:adware/spywarestrike Not disinfected C:\WINDOWS\SYSTEM32\1024
    Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CURRENT_USER\SOFTWARE\MYWEBSEARCH
    Potentially unwanted tool:application/need2find Not disinfected HKEY_CURRENT_USER\SOFTWARE\NEED2FIND
    Spyware:spyware\nxtoolbar Not disinfected Windows Registry
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
    Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
    Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
    Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
    Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
    Spyware:Cookie/[b]spySheriff[/b] Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
    Spyware:Cookie/[b]SpySheriff[/b] Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@[b]mysearch[/b][2].txt
    Spyware:Cookie/[b]winFixer[/b] Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@winfixer[2].txt
    Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@www.systemwarning[2].txt
    Potentially unwanted tool:Application/[b]WinAntivirus[/b] Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\NI.UWA6P_0001_N56M1011\setup.exe
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@dist.belnk[2].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@metriweb[1].txt
    Potentially unwanted tool:Application/[b]Winantivirus2006[/b] Not disinfected C:\Program Files\Common Files\Companion Wizard\compwiz.exe
    Potentially unwanted tool:Application/[b]Winantivirus2006[/b] Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK.dll
    Potentially unwanted tool:Application/[b]Winantivirus2006[/b] Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK{77FD32C6-EB21-45D4-AB4D-26D8E33026C8}.dll
    Potentially unwanted tool:Application/[b]Winantivirus2006[/b] Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK{9E3E3608-D46E-4734-8774-CB845423FB97}.dll
    Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\[b]WinAntiVirus Pro 2006[/b]\WapCHK.dll
    Potentially unwanted tool:Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf

    I have put a number of them in bold. So there was in fact a chance that those programs were on there; by the looks of it that is not the case.

    2.) Your HijackThis log is clean, but I still ask you to post an ewido and a Panda log :wink:

    Also describe in a bit more detail whether you still have problems and the like :wink:

    Greetz chrizz



  • Hey, thanks for your explanation, Chrizz.
    I will put the other logs up by tomorrow.
    I am not really experiencing many problems. Except for one nasty problem, which is that my laptop (these are logs from my laptop) sometimes hangs.
    The screen just "freezes".
    At first I thought maybe my fan was no longer working properly or was stuck because of dust, but after a thorough cleaning this still happens.
    Could this be caused by a virus or something??? I don't know. And since the HijackThis log was clean…

    I really don't know… :(


This is an archived page. Replying is no longer possible.