HijackThis logfile

29 replies
  • Hi everyone, can someone take a look at my logfile? If possible, please also give a bit of explanation so that I can learn and solve my own problems in the future. Kind regards
    -----------------------------------------------------------------------------------
    Logfile of HijackThis v1.99.1
    Scan saved at 10:46:43 AM, on 3/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\S3tray2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Faisal Rafi\My Documents\My Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)
    O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
    O4 - Global Startup: palstart.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://*.billingnow.com
    O15 - Trusted Zone: http://*.reliablestats.com
    O15 - Trusted Zone: http://*.winantispyware.com
    O15 - Trusted Zone: http://*.winantivirus.com
    O15 - Trusted Zone: http://*.winantiviruspro.com
    O15 - Trusted Zone: http://*.winnanny.com
    O15 - Trusted Zone: http://*.winsoftware.com
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • PS: I have already removed the entries under O15 Trusted Zone with HijackThis.
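Added example, not part of the thread and not code from HijackThis: a small Python parser that splits a HijackThis log into entries by section code, also when the entries have been run together on one line by a paste, and attaches review hints to entries worth a second look. The sample is an excerpt of entries from the first log in this thread; the section descriptions and the hint rules are assumptions chosen for illustration, a starting point for reading a log rather than a verdict on any entry.

```python
import re

# Short descriptions of the HijackThis section codes that occur in this thread.
SECTIONS = {
    "R1": "Internet Explorer start/search page or related setting",
    "O2": "Browser Helper Object (BHO)",
    "O3": "Internet Explorer toolbar",
    "O4": "Autostart entry (Run keys, Startup folders)",
    "O8": "Extra item in the IE context menu",
    "O9": "Extra IE button or Tools menu item",
    "O15": "Site in the IE Trusted Zone",
    "O16": "Downloaded ActiveX object (DPF)",
    "O23": "Windows service",
}

# An entry starts with a section code and " - ", at the start or after whitespace.
ENTRY_START = re.compile(r"(?<!\S)(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
# O4 registry entries look like: HKLM\..\Run: [name] command line
O4_ENTRY = re.compile(r"^[^:]+: \[[^\]]*\] (?P<cmd>.+)$")

# Entries copied from the first log in this thread, joined onto one line
# the way a flattened paste looks.
SAMPLE = (
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 "
    r"O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - "
    r"C:\Program Files\Security Toolbar\Security Toolbar.dll (file missing) "
    r"O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe "
    r"O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_ "
    r"O15 - Trusted Zone: http://*.winantivirus.com "
    r"O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE"
)


def split_entries(text):
    """Return (code, body) pairs; header and process list before the first entry are skipped."""
    matches = list(ENTRY_START.finditer(text))
    entries = []
    for i, m in enumerate(matches):
        end = matches[i + 1].start() if i + 1 < len(matches) else len(text)
        entries.append((m.group(1), text[m.end():end].strip()))
    return entries


def review_hints(code, body):
    """Illustrative triage rules (assumptions of this example, not HijackThis output)."""
    hints = []
    if body.endswith("(file missing)"):
        hints.append("registered file no longer exists on disk")
    if code == "O15":
        hints.append("confirm that you added this site to the Trusted Zone yourself")
    if code == "O4":
        m = O4_ENTRY.match(body)
        if m and ":\\" not in m.group("cmd"):
            hints.append("no full path: check which file this name resolves to")
    return hints


def triage(text):
    """Parse a log and return one dict per entry with its section and hints."""
    return [
        {
            "code": code,
            "section": SECTIONS.get(code, "not described in this example"),
            "body": body,
            "hints": review_hints(code, body),
        }
        for code, body in split_entries(text)
    ]


if __name__ == "__main__":
    for item in triage(SAMPLE):
        mark = "!" if item["hints"] else " "
        print(f'{mark} {item["code"]:<3} {item["section"]}')
        print(f'      {item["body"]}')
        for hint in item["hints"]:
            print(f"      -> {hint}")
```
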
  • Welcome :) Those O15 lines don't come back any more? There is also some spyware on it that I would rather not remove with HijackThis, so first we'll try another way ;)
    FiX
    1) Show hidden folders/files: go to Start --> Control Panel --> ('Classic View') --> Folder Options --> "View" tab, scroll almost all the way down --> SELECT "Show hidden files and folders". At "Hide extensions for known file types", remove the mark --> OK
    2) Download ewido anti-malware: http://www.ewido.net/en/
    3) Update ewido.
    4) Boot into safe mode: ''Start up'', ''Tap F8 repeatedly'', ''Select safe mode''
    5) Start ewido and run a full system scan. Save the report that you get at the end.
    6) Boot normally again and run a system scan at Panda: http://www.pandasoftware.com/products/activescan?NRMODE=Published&NRORIGINALURL=%2factivescan%2f&NRNODEGUID=%7b3B202047-35D4-4DA2-B310-B1DBEC2971F2%7d&NRCACHEHINT=Guest
    7) Save this report as well.
    8) Post the logs of ''Ewido'', ''Hijackthis'' and Panda activescan
    Good luck, Greetz ChRiStIaN :)
  • OK Chrizzz, I have carried out all of the above. See the various logfiles below. Thanks again, man
    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 2:38:11 AM, 3/8/2006
    + Report-Checksum: 60ABC3BC

    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{27150F81-0877-42E9-AF13-55E5A3439A26} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{736b5468-bdad-41be-92d0-22ae2ddf7bcb} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{27150f81-0877-42e9-af13-55e5a3439a26} -> Adware.Generic : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll -> Adware.ISTBar : Cleaned with backup
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27150F81-0877-42E9-AF13-55E5A3439A26} -> Adware.Generic : Cleaned with backup
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27150F81-0877-42E9-AF13-55E5A3439A26} -> Adware.Generic : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ad.yieldmanager[4].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[2].txt -> TrackingCookie.Com : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@ehg-cricinfo.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@linkbuddies[2].txt -> TrackingCookie.Linkbuddies : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup
    C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    C:\WINDOWS\Downloaded Program Files\UERSM_0001_N57M0112NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Cleaned with backup

    ::Report End

    Logfile of HijackThis v1.99.1
    Scan saved at 1:28:19 PM, on 3/8/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\S3tray2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • I'll look at it later today. In any case, could you try this: go to Start --> Settings --> Control Panel --> Add or Remove Programs --> uninstall ''winantivirus''. If it isn't listed, no problem. Could you also post the Panda log? You haven't posted that one. Greetz chriz.
  • Winantivirus isn't in the list. The Panda scan is running ;)
  • The Panda scan:
    Incident   Status   Location
    Adware:adware/securityerror   Not disinfected   C:\WINDOWS\SYSTEM32\ot.ico
    Potentially unwanted tool:application/funweb   Not disinfected   C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8-2.inf
    Spyware:application/bestoffer   Not disinfected   C:\WINDOWS\smdat32a.sys
    Potentially unwanted tool:application/myway   Not disinfected   C:\PROGRAM FILES\MySearch
    Potentially unwanted tool:application/errorsafe   Not disinfected   C:\PROGRAM FILES\COMMON FILES\ErrorSafe
    Potentially unwanted tool:application/winantivirus2006   Not disinfected   C:\PROGRAM FILES\COMMON FILES\WinAntiVirus Pro 2006
    Adware:adware/spywarestrike   Not disinfected   C:\WINDOWS\SYSTEM32\1024
    Potentially unwanted tool:application/mywebsearch   Not disinfected   HKEY_CURRENT_USER\SOFTWARE\MYWEBSEARCH
    Potentially unwanted tool:application/need2find   Not disinfected   HKEY_CURRENT_USER\SOFTWARE\NEED2FIND
    Spyware:spyware/rxtoolbar   Not disinfected   Windows Registry
    Spyware:Cookie/Hbmediapro   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Atlas DMT   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
    Spyware:Cookie/Azjmp   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Com.com   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/fe.lea.lycos   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
    Spyware:Cookie/GangbangSquad   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
    Spyware:Cookie/Hitbox   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
    Spyware:Cookie/MetriWeb   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
    Spyware:Cookie/Mysearch   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/SpyLog   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
    Spyware:Cookie/WinFixer   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
    Spyware:Cookie/SpySheriff   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
    Spyware:Cookie/SpySheriff   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
    Spyware:Cookie/Hbmediapro   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Atlas DMT   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
    Spyware:Cookie/Azjmp   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Com.com   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/fe.lea.lycos   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
    Spyware:Cookie/GangbangSquad   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
    Spyware:Cookie/Hitbox   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
    Spyware:Cookie/MetriWeb   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
    Spyware:Cookie/Mysearch   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/SpyLog   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
    Spyware:Cookie/WinFixer   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
    Spyware:Cookie/SpySheriff   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
    Spyware:Cookie/SpySheriff   Not disinfected   C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
    Spyware:Cookie/Hbmediapro   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@adopt.hbmediapro[2].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@belnk[1].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@dist.belnk[2].txt
    Spyware:Cookie/Mysearch   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@mysearch[2].txt
    Spyware:Cookie/WinFixer   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@winfixer[2].txt
    Spyware:Cookie/SpySheriff   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@www.systemwarning[2].txt
    Potentially unwanted tool:Application/WinAntivirus   Not disinfected   C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\NI.UWA6P_0001_N56M1011\setup.exe
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@belnk[1].txt
    Spyware:Cookie/Belnk   Not disinfected   C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@dist.belnk[2].txt
    Spyware:Cookie/MetriWeb   Not disinfected   C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@metriweb[1].txt
    Potentially unwanted tool:Application/Winantivirus2006   Not disinfected   C:\Program Files\Common Files\Companion Wizard\compwiz.exe
    Potentially unwanted tool:Application/Winantivirus2006   Not disinfected   C:\Program Files\Common Files\Companion Wizard\WapCHK.dll
    Potentially unwanted tool:Application/Winantivirus2006   Not disinfected   C:\Program Files\Common Files\Companion Wizard\WapCHK{77FD32C6-EB21-45D4-AB4D-26D8E33026C8}.dll
    Potentially unwanted tool:Application/Winantivirus2006   Not disinfected   C:\Program Files\Common Files\Companion Wizard\WapCHK{9E3E3608-D46E-4734-8774-CB845423FB97}.dll
    Potentially unwanted tool:Application/Winantivirus2006   Not disinfected   C:\Program Files\Common Files\WinAntiVirus Pro 2006\WapCHK.dll
    Potentially unwanted tool:Application/FunWeb   Not disinfected   C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf
  • Hey :-) That's what I needed ;) I'm now going to write out a fix, and I'll try the easier method first; if that doesn't work I have another fix in mind :-)
    FiX:
    1. In Control Panel --> Folder Options, tick "Show hidden files and folders". Then also remove the tick at "Hide extensions for known file types". Then click Apply and OK.
    2. Remove the following software using this method: ''Start --> Settings --> Control Panel --> Add or Remove Programs''
       ''Errorsafe''
       ''WinantivirusPro''
       ''Spyware strike''
       ''mywebsearch''
       ''winantivirus''
    3. Boot into safe mode: ''Start up'', ''While booting, tap the F8 key repeatedly'', ''Select "safe mode"''
    3. Using Windows Explorer, look for the following bold folders and files, if present, and delete them:
       C:\WINDOWS\SYSTEM32\[b]ot.ico[/b]
       C:\WINDOWS\DOWNLOADED PROGRAM FILES\[b]f3initialsetup1.0.0.8-2.inf[/b]
       If you cannot find this file, do the following: go to Start - Run and type the following command:
       regsvr32 /u occache.dll
       Press Enter. If you entered the command correctly, this message appears: "Dll UnregisterServer van occache.dll geslaagd". Click "OK" at that message. Then open the folder C:\Windows\Downloaded Program Files. Delete the file f3initialsetup1.0.0.8-2.inf from it (it will now be visible). Then go to Start - Run again and type:
       regsvr32 occache.dll
       Press Enter. If you entered the command correctly, this message now appears: "Dll RegisterServer van occache.dll geslaagd". Click "OK" at that message.
       Also look up and delete these files:
       C:\WINDOWS\[b]smdat32a.sys[/b]
       C:\WINDOWS\SYSTEM32\[b]1024[/b]
       C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\[b]NI.UWA6P_0001_N56M1011\setup.exe[/b]
       C:\Program Files\Common Files\[b]Companion Wizard[/b]\compwiz.exe
       C:\Program Files\Common Files\[b]Companion Wizard[/b]\WapCHK.dll
    4. Boot into normal mode
    5. Download ATF cleaner (made by Atribune) http://www.atribune.org/ccount/click.php?id=1 Double-click ATF cleaner to start the program. On the "Main" tab, tick Select All. Click the Empty Selected button. If you also use Firefox as a browser: click the "Firefox" tab and tick Select All. If you want to keep the passwords saved by Firefox, click "No" in the window that appears. (This removes the tick at "Firefox saved passwords" again.) Click the Empty Selected button. If you also use Opera as a browser: click the "Opera" tab and tick Select All. If you want to keep the passwords saved by Opera, click "No" in the window that appears. Click the Empty Selected button. Go to the "Main" tab and click the Exit button to close the program.
    6. Empty the following folders using ''Windows Explorer'':
    7. Now run another scan with ewido and Panda, and post a clean HijackThis log.
    8. DESCRIBE your experiences, say which folders you managed to delete and which not, and post the logs of ''Ewido'', ''Panda'' and ''Hijackthis''
    Greetz ''Chrizz'' ;)
  • A small addition
    [quote="ChRizz."]
    6. Empty the following folders using ''Windows Explorer'':
    Temp - files
    C:\Documents and Settings\<username>\Local Settings\Temp\
    C:\Documents and Settings\<username>\Local Settings\Temporary Internet Files
    C:\Documents and Settings\<username>\Local Settings\Temporary Internet Files\content.ie5 <= if this folder is not displayed, go to the Temporary Internet Files folder, type \content.ie5 after it in the address bar and press Enter
    C:\Windows\Temp\
    [/quote]
    This is done by ATFcleaner, ChRizz.
    If you cannot find this file, C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8-2.inf, do the following: go to Start - Run and type the following command:
    regsvr32 /u occache.dll
    Press Enter. If you entered the command correctly, this message appears: "Dll UnregisterServer van occache.dll geslaagd". Click "OK" at that message. Then open the folder C:\Windows\Downloaded Program Files. Delete the file f3initialsetup1.0.0.8-2.inf from it (it will now be visible). Then go to Start - Run again and type:
    regsvr32 occache.dll
    Press Enter. If you entered the command correctly, this message now appears: "Dll RegisterServer van occache.dll geslaagd". Click "OK" at that message.
  • Thanks Mark! I'm new to the ATF-cleaner program and am still in training, so it's very kind of you to add that. I'll just edit my post so that you can delete yours, OK? Greetz chriz.
  • I thought I recognized you from Hijackthis.nl? Just leave it as it is. The topic starter will manage.
  • Hi ChRizz. Please also add this link for downloading ATF cleaner: http://www.atribune.org/ccount/click.php?id=1 Regards, smeenk ;)
  • Hello Chrizz, I read that you had several recommendations regarding Panda. I also have a Panda problem and described it under: Anders (internet), subject: internet, author: gruijters. Would you take a look at it? Thanks in advance. Timo
  • Hey all, I'm currently in Germany, so I can't carry out the suggested steps. I'll be back on Tuesday and will do it then. In any case, thanks for the tips, Chrizz, Marc and Smeenk. 8)
  • That's fine :) Enjoy the rest of your "holiday", if it is a holiday 8) I'll see the logs appear once you have completed my step-by-step plan ;) Greetz chriz
  • Yes, let's call it a holiday 8) See you later.
  • OK, I have done what was needed and will post the log files here. I have a question about the software: I couldn't find it on my PC. Was this fix something generic, then?
  • Logfile of HijackThis v1.99.1
Scan saved at 1:09:48 PM, on 3/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\RunServices: [Rundll32] rundll2.dl_
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
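Added example, not part of any post in this thread: a small Python triage for a HijackThis log such as the one above, for readers who want to learn to read these logs themselves. It splits the log into entries by section code even when the log was pasted as one run of text, lists the entries HijackThis itself marked "(file missing)", and collects the hosts that O16 ActiveX controls were installed from. The section descriptions are this example's own summaries, and SAMPLE is an excerpt of entries copied from the 3/14/2006 log.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Short descriptions (this example's own wording) of the codes in this thread's log.
SECTIONS = {
    "R1": "Internet Explorer setting (search page, proxy)",
    "O2": "Browser Helper Object",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry (Run keys, Startup folder)",
    "O8": "extra item in the IE context menu",
    "O16": "ActiveX control in Downloaded Program Files",
    "O23": "Windows service",
}
# An entry starts with a code such as "R1 - " or "O16 - ".
ENTRY = re.compile(r"(?:^|(?<=\s))([RFN][0-4]|O\d{1,2}) - ")

# Excerpt of entries copied from the 3/14/2006 log, joined into one run of text.
SAMPLE = " ".join([
    r"Running processes: C:\WINDOWS\Explorer.EXE",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1",
    r"O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll",
    r"O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll (file missing)",
    r"O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe",
    r"O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab",
    r"O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab",
    r"O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe",
])

def parse_entries(log_text):
    """Return (code, body) pairs from a flattened or line-per-entry log."""
    text = " ".join(log_text.split())  # collapse line breaks and repeated spaces
    marks = list(ENTRY.finditer(text))
    ends = [m.start() for m in marks[1:]] + [len(text)]
    return [(m.group(1), text[m.end():e].strip()) for m, e in zip(marks, ends)]

def triage(log_text):
    """Group entries by section; list missing files and O16 download hosts."""
    by_section, missing, hosts = defaultdict(list), [], set()
    for code, body in parse_entries(log_text):
        by_section[code].append(body)
        if body.endswith("(file missing)"):
            missing.append((code, body))  # target file no longer exists on disk
        if code == "O16":
            host = urlparse(body.rsplit(" - ", 1)[-1]).hostname
            if host:
                hosts.add(host)
    return by_section, missing, sorted(hosts)

if __name__ == "__main__":
    for code, bodies in triage(SAMPLE)[0].items():
        print(code, SECTIONS.get(code, "other"), len(bodies))
```

The header and the "Running processes" list are skipped because they carry no section code; everything from the first code onward is kept.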
  • Hi.. :) It's not that strange that you couldn't find the software ;) Look, this is how I went through it, and there was only a small chance that it would be on there {the software:}

Your Panda log:

Incident Status Location
Adware:adware/securityerror Not disinfected C:\WINDOWS\SYSTEM32\ot.ico
Potentially unwanted tool:application/funweb Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.8-2.inf
Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
Potentially unwanted tool:application/myway Not disinfected C:\PROGRAM FILES\MySearch
Potentially unwanted tool:application/errorsafe Not disinfected C:\PROGRAM FILES\COMMON FILES\ErrorSafe
Potentially unwanted tool:application/winantivirus2006 Not disinfected C:\PROGRAM FILES\COMMON FILES\WinAntiVirus Pro 2006
Adware:adware/spywarestrike Not disinfected C:\WINDOWS\SYSTEM32\1024
Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CURRENT_USER\SOFTWARE\MYWEBSEARCH
Potentially unwanted tool:application/need2find Not disinfected HKEY_CURRENT_USER\SOFTWARE\NEED2FIND
Spyware:spyware/rxtoolbar Not disinfected Windows Registry
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@adopt.hbmediapro[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@atdmt[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@azjmp[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@belnk[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@com[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@dist.belnk[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@fe.lea.lycos[1].txt
Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@gangbangsquad[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@hitbox[2].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@metriweb[1].txt
Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@mysearch[2].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@spylog[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@winfixer[1].txt
Spyware:Cookie/**spySheriff** Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.spysheriff[1].txt
Spyware:Cookie/**SpySheriff** Not disinfected C:\Documents and Settings\Faisal Rafi\Cookies\faisal rafi@www.systemwarning[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@adopt.hbmediapro[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@dist.belnk[2].txt
Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@**mysearch**[2].txt
Spyware:Cookie/**winFixer** Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@winfixer[2].txt
Spyware:Cookie/SpySheriff Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\Cookies\faisal rafi@www.systemwarning[2].txt
Potentially unwanted tool:Application/**WinAntivirus** Not disinfected C:\Documents and Settings\Faisal Rafi\Local Settings\Temp\NI.UWA6P_0001_N56M1011\setup.exe
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@dist.belnk[2].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Najoi Bouziane\Cookies\najoi bouziane@metriweb[1].txt
Potentially unwanted tool:Application/**Winantivirus2006** Not disinfected C:\Program Files\Common Files\Companion Wizard\compwiz.exe
Potentially unwanted tool:Application/**Winantivirus2006** Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK.dll
Potentially unwanted tool:Application/**Winantivirus2006** Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK{77FD32C6-EB21-45D4-AB4D-26D8E33026C8}.dll
Potentially unwanted tool:Application/**Winantivirus2006** Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK{9E3E3608-D46E-4734-8774-CB845423FB97}.dll
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Program Files\Common Files\**WinAntiVirus Pro 2006**\WapCHK.dll
Potentially unwanted tool:Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf

I have put a number of them in bold. So there was in fact a chance that those programs were on there; by the looks of it that is not the case.

2.) Your HijackThis log is clean; still, I'd ask you to post an ewido and a Panda log as well ;) Also describe in a bit more detail whether you still have problems and the like ;)

Greetz chrizz
  • Hey, thanks for your explanation, Chrizz. I'll post the other logs by tomorrow. I'm not really having many problems. Except for one nasty problem, which is that my laptop (these are logs from my laptop) sometimes hangs. The screen just "freezes". At first I thought maybe my cooler wasn't working properly any more or was clogged with dust, but after a thorough cleaning it still happens. Could this be caused by a virus or something??? I don't know. And since the HijackThis log was clean... I really don't know... :(


This is an archived page. Replying is no longer possible.