Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

hijack log

None
9 antwoorden
  • Hallo,

    Hierbij stuur ik mijn hijacklog van mijn computer. Ik heb laatste tijd erg last van internet dat uitvalt. En internet explorer werkt traag. Heb ik besmettingen op mijn pc?

    Logfile of HijackThis v1.99.1
    Scan saved at 20:00:15, on 19-8-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\Mixer.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: iFinger plugin / Browser helper object - {A114D52B-870C-4F15-8021-B6D7F91A054B} - C:\PROGRA~1\iFinger\plugins\IE.ifp
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135367091281
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://www.duinenstrand.nl/VideoWeb/AMC.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} (Get_ActiveX Control) - http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocx
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7B8FA31C-1DC8-445C-8A79-B9AD7A1C1FFD}: NameServer = 10.0.0.138
    O20 - Winlogon Notify: RAinit - C:\WINDOWS\SYSTEM32\RAinit.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe

    Vriendelijke groet,
    TvSchendel
  • Even kijken hoor. 8)
  • Download [b:d13d001338]IEFix.exe[/b:d13d001338]
    Dubbelklikken op IEFix.exe om het te starten.


    Download [b:d13d001338]Dr.Web CureIt[/color:d13d001338][/b:d13d001338] naar je Bureaublad:[list:d13d001338][*:d13d001338]Dubbelklik [b:d13d001338]drweb-cureit.exe[/b:d13d001338] en sta het toe om de express scan te starten.
    [*:d13d001338]Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt,
    klik de [b:d13d001338]Yes to all[/b:d13d001338] knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
    [*:d13d001338]Eenmaal de korte scan is beeïndigd, kan je de drives selecteren die je wilt laten scannen.
    [*:d13d001338]Selecteer hier [b:d13d001338]alle drives[/b:d13d001338]. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
    [*:d13d001338]Klik daarna de [b:d13d001338]groene pijl[/b:d13d001338] rechts om de scan te starten.
    [*:d13d001338]Klik [b:d13d001338]Yes to all[/b:d13d001338] wanneer er gevraagd wordt om cure of move uit te voeren.
    [*:d13d001338]Wanneer de scan beëindigd is, kijk of je kunt op het icoontje naast de gevonden bestanden klikken: [img:d13d001338]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:d13d001338]
    [*:d13d001338]Indien ja,klik er op en klik vervolgens op het icoontje er juist onder en selecteer [b:d13d001338]Move incurable[/b:d13d001338] zoals je hier ziet:
    [img:d13d001338]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:d13d001338]
    Dit verplaatst gevonden bestanden naar de "%userprofile%\DoctorWeb\quarantaine-map" indien herstel niet mogelijk is.
    [*:d13d001338]Nadat de scan gedaan is, in het menu bovenaan, klik [b:d13d001338]File[/b:d13d001338] en kies [b:d13d001338]Save report List[/b:d13d001338]. Bewaar het op je Bureaublad.
    [*:d13d001338]Sluit daarna Dr.Web Cureit.
    [*:d13d001338][b:d13d001338]Herstart[/b:d13d001338] je computer!! [i:d13d001338]Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart[/i:d13d001338].
    [*:d13d001338]Na het herstarten, [b:d13d001338]kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post[/b:d13d001338].
    [/list:u:d13d001338]

    Mag ik een nieuw logje van HJT aub en vertel eens of het verholpen is.
  • Hierbij een log van de gemaakte scan + hijack log. De problemen zijn nog niet helemaal verholpen. Internet is nog traag.

    A0088773.exe C:\System Volume Information\_restore{CE49CFD6-A291-49CB-A00B-FFF036A572A4}\RP581 Tool.Prockill Incurable.Moved.
    A0088775.exe C:\System Volume Information\_restore{CE49CFD6-A291-49CB-A00B-FFF036A572A4}\RP581 Trojan.Shutdown Deleted.


    Logfile of HijackThis v1.99.1
    Scan saved at 13:50:50, on 20-8-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\Mixer.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: iFinger plugin / Browser helper object - {A114D52B-870C-4F15-8021-B6D7F91A054B} - C:\PROGRA~1\iFinger\plugins\IE.ifp
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135367091281
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://www.duinenstrand.nl/VideoWeb/AMC.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} (Get_ActiveX Control) - http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocx
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7FF6B33E-0D8E-4DF2-8A34-18A06C604389}: NameServer = 10.0.0.138
    O20 - Winlogon Notify: RAinit - C:\WINDOWS\SYSTEM32\RAinit.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
  • Andere scanner,

    Download en installeer [b:14e41f5cc4]Ewido Anti-Spyware 4.0[/b:14e41f5cc4][/color:14e41f5cc4].[list:14e41f5cc4]
    Na de installatie, open Ewido Anti-Spyware 4.0:
    * onder "[b:14e41f5cc4]Status[/b:14e41f5cc4]", klik op [b:14e41f5cc4]Change state[/b:14e41f5cc4] naast "Resident shield". (wijzig van active naar [b:14e41f5cc4]inactive[/b:14e41f5cc4]!)
    * onder "[b:14e41f5cc4]Update[/b:14e41f5cc4]", klik op de [b:14e41f5cc4]Start update[/b:14e41f5cc4] knop.
    * onder "[b:14e41f5cc4]Scanner[/b:14e41f5cc4]", tab "Settings":[list:14e41f5cc4]- onder "How to act?", klik op "[u:14e41f5cc4]Recommended actions[/u:14e41f5cc4]" en selecteer [b:14e41f5cc4]Quarantine[/b:14e41f5cc4]. ([b:14e41f5cc4]ZEER BELANGRIJK![/b:14e41f5cc4])
    - onder "Reports", selecteer [b:14e41f5cc4]Automatically generate report after every scan[/b:14e41f5cc4] en [u:14e41f5cc4]verwijder[/u:14e41f5cc4] het vinkje bij [b:14e41f5cc4]Only if threats were found[/b:14e41f5cc4][/list:u:14e41f5cc4]
    Sluit Ewido. Laat het [b:14e41f5cc4]nog niet[/b:14e41f5cc4] scannen.[/list:u:14e41f5cc4]

    start op in veilige modus(op F8 drukken tijdens opstarten)

    Start [b:14e41f5cc4]Ewido[/b:14e41f5cc4][/color:14e41f5cc4].[list:14e41f5cc4]* Klik op [b:14e41f5cc4]Scan[/b:14e41f5cc4] en kies [b:14e41f5cc4]Complete System Scan[/b:14e41f5cc4].
    * Na afloop van de scan, klik je op [b:14e41f5cc4]Apply All Actions[/b:14e41f5cc4].
    * Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop [b:14e41f5cc4]Save Report[/b:14e41f5cc4].
    * Klik in het menu bovenaan op [b:14e41f5cc4]Reports[/b:14e41f5cc4]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.[/list:u:14e41f5cc4]
  • ———————————————————
    ewido anti-spyware - Scan Report
    ———————————————————

    + Created at: 17:35:59 20-8-2006

    + Scan result:



    C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@stat.onestat[3].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
    C:\Documents and Settings\Thomas\Cookies\thomas@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).


    ::Report end
  • Hallo, ga eens naar software en als daar in de lijst [b:404edb7072]ISTbar[/b:404edb7072] voorkomt wil je die dan verwijderen aub.

    start ewido opnieuw en laat nu alles [b:404edb7072]verwijderen[/b:404edb7072] wat het vind.

    Plaats ook een nieuw HJT logje ter controle aub en vertel gelijk of je problemen nu over zijn.
  • ISTbar is niet te vinden in de softwarelijst. Krijg regelmatig pop-up van top 40 ringtone.
  • [quote:0c584cf9dd="TvSchendel"]ISTbar is niet te vinden in de softwarelijst. Krijg regelmatig pop-up van top 40 ringtone.[/quote:0c584cf9dd]

    probleem al over??

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.