Vraag & Antwoord

Beveiliging & privacy

virus: trojan dumaru en bargain buddy

7 antwoorden
  • wie kan mij helpen om de virussen te verwijderen / infomatie geven aan de hand van deze logfile? [code:1:95fb7bb985]Logfile of HijackThis v1.99.1 Scan saved at 22:24:31, on 19-12-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\CTSvcCDA.EXE c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\sdhelp.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe C:\PROGRA~1\Nokia\NOKIAP~2\LAUNCH~1.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe c:\program files\mcafee.com\agent\mcagent.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\SPYWAREfighter\spftray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe C:\Program Files\Spyware Doctor\swdoctor.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\SPYWAREfighter\spfprc.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\locator.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Ederveen\LOCALS~1\Temp\Rar$EX00.281\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Norton] C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~2\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: vtigercrm4_2 - Unknown owner - C:\Program Files\vtigerCRM4_2\apache\bin\Apache.exe" -k runservice (file missing) [/code:1:95fb7bb985]
  • ik ga even kijken voor je.
  • Mooi logje eigenlijk, ik zie geen sporen van virus. maar omdat je klachten heb wil ik eigenlijk je toch een tool aanbieden waar ik wat meer mee zien kan. Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:9b9a739a20]Combofix[/b:9b9a739a20][/url] naar je Bureaublad.[list:9b9a739a20] Dubbelklik [b:9b9a739a20]Combofix.exe[/b:9b9a739a20] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:9b9a739a20]NIET[/b:9b9a739a20] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:9b9a739a20] Wanneer de fix voltooid is en na herstart, zal de log [b:9b9a739a20]combofix.txt[/b:9b9a739a20] openen. [i:9b9a739a20]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:9b9a739a20] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren. Juisterr
  • [code:1:b9d08500bc]Ederveen - 06-12-21 22:41:14,46 Service Pack 2 ComboFix 06.11.27 - Running from: "D:\kees" ((((((((((((((((((((((((((((((( Files Created from 2006-11-21 to 2006-12-21 )))))))))))))))))))))))))))))))))) 2006-12-21 21:33 <DIR> d-------- C:\Program Files\Lavasoft 2006-12-20 16:11 <DIR> d-------- C:\Program Files\XoftSpySE 2006-12-20 14:57 78,336 --a------ C:\WINDOWS\system32\drivers\ssi.sys 2006-12-20 14:57 102,912 --a------ C:\WINDOWS\system32\islzma.dll 2006-12-20 14:57 <DIR> d-------- C:\Program Files\Webroot 2006-12-20 14:57 <DIR> d-------- C:\Documents and Settings\Ederveen\Application Data\Webroot 2006-12-20 14:56 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2006-12-20 14:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2006-12-20 14:55 <DIR> d-------- C:\Program Files\SpywareBlaster 2006-12-20 14:43 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy 2006-12-20 14:43 <DIR> d-------- C:\Program Files\Hitman Pro 2006-12-19 17:40 <DIR> d-------- C:\Program Files\SPYWAREfighter 2006-12-19 17:40 <DIR> d-------- C:\Program Files\Common Files\Application 2006-12-19 17:07 51,072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys 2006-12-19 17:07 30,592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys 2006-12-19 17:07 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2006-12-19 17:07 <DIR> d-------- C:\Program Files\Spyware Doctor 2006-12-19 17:07 <DIR> d-------- C:\Documents and Settings\Ederveen\Application Data\PC Tools 2006-12-10 16:49 <DIR> d-------- C:\Program Files\Mozart9 2006-12-10 16:49 <DIR> d-------- C:\Documents and Settings\Ederveen\Application Data\Mozart 9 2006-11-27 15:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-21 22:32 -------- d-------- C:\Documents and Settings\Ederveen\Application Data\Azureus 2006-12-21 21:34 -------- d-------- C:\Documents and Settings\Ederveen\Application Data\Lavasoft 2006-12-19 17:40 -------- d-------- C:\Program Files\Common Files 2006-12-18 02:14 -------- d-------- C:\Program Files\Outlook Express 2006-12-18 02:14 -------- d-------- C:\Program Files\Internet Explorer 2006-12-18 02:14 -------- d-------- C:\Program Files\Common Files\System 2006-12-11 20:37 9116 --a------ C:\Documents and Settings\Ederveen\Application Data\ViewerApp.dat 2006-12-10 12:44 -------- d-------- C:\Documents and Settings\Ederveen\Application Data\AdobeUM 2006-12-07 07:40 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll 2006-11-28 20:34 -------- d-------- C:\Program Files\WinTV 2006-11-26 12:39 3194880 --a------ C:\Program Files\TooltaskforceWmoversie2_6c.mdb 2006-11-16 22:08 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-11-16 22:06 -------- d-------- C:\Program Files\Creative 2006-11-15 22:56 -------- d-------- C:\Program Files\MSXML 4.0 2006-11-13 11:18 -------- d-------- C:\Program Files\Java 2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll 2006-11-02 15:57 -------- d-------- C:\Program Files\EasyStart 2006-11-01 14:39 -------- d-------- C:\Program Files\EasyGPS 2006-10-28 20:17 -------- d-------- C:\Program Files\Google 2006-10-22 14:46 -------- d-------- C:\Documents and Settings\Ederveen\Application Data\Google 2006-10-20 02:39 714752 --a------ C:\WINDOWS\system32\sxs.dll 2006-10-13 13:41 65536 --a------ C:\WINDOWS\system32\nwwks.dll 2006-10-13 13:41 64000 --a------ C:\WINDOWS\system32\nwapi32.dll 2006-10-13 13:41 144384 --a------ C:\WINDOWS\system32\nwprovau.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "PowerBar"="\"C:\\Program Files\\CyberLink DVD Solution\\Multimedia Launcher\\PowerBar.exe\" /AtBootTime" "NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\nbj.exe\"" "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE\"" "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\Monitor.exe" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe" "updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1" "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Smapp"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "Norton"="C:\\Program Files\\ASUS\\WLAN Card Utilities\\NorExec.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\"" "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 "Nokia Tray Application"="C:\\Program Files\\Common Files\\Nokia\\NCLTools\\NclTray.exe" "PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~2\\LAUNCH~1.EXE -onlytray" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\FirstStart.exe" "VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask" "VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe" "OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe" "MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe" "MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe" "spywarefighterguard"="C:\\Program Files\\SPYWAREfighter\\spftray.exe" @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Mijn huidige introductiepagina" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Symantec NetDetect.job C:\WINDOWS\tasks\vtigerCRM Email Reminder.job C:\WINDOWS\tasks\vtigerCRM Notification Scheduler.job C:\WINDOWS\tasks\XoftSpySE.job Completion time: 06-12-21 22:45:14.60 C:\ComboFix.txt ... 06-12-21 22:45 [/code:1:b9d08500bc]
  • [code:1:2e98662338]Logfile of HijackThis v1.99.1 Scan saved at 11:39:15, on 22-12-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\CTSvcCDA.EXE c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\nvsvc32.exe c:\PROGRA~1\mcafee.com\vso\OasClnt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Spyware Doctor\sdhelp.exe C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe C:\PROGRA~1\Nokia\NOKIAP~2\LAUNCH~1.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\SPYWAREfighter\spftray.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\WINDOWS\system32\wdfmgr.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\SPYWAREfighter\spfprc.exe C:\WINDOWS\system32\locator.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Spyware Doctor\swdoctor.exe C:\WINDOWS\explorer.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Ederveen\LOCALS~1\Temp\Rar$EX02.547\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Norton] C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~2\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: vtigercrm4_2 - Unknown owner - C:\Program Files\vtigerCRM4_2\apache\bin\Apache.exe" -k runservice (file missing) [/code:1:2e98662338]
  • Wil je hitmanpro eens uninstallen aub, opnieuw opstarten en dan kijken of je probleem weg is.
  • hitmanpro uninstalled, helaas geen effect: outlook blijft oude berichten opnieuw ontvangen

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.