Questions & Answers

Security & privacy

Minor problems with IE

7 replies
  • Hello, for a few weeks now I have had a couple of problems with certain websites. For example, when I log in to Gmail, the login goes through, but I never get to see my inbox screen. It seems to keep looking for another page. The loading bar at the bottom of my browser window keeps starting over. With Hotmail I have the same kind of problem. I also have a problem on Marktplaats. I can open the site and subcategories etc., but when I open an advertisement, it says the page cannot be found. It can't be my internet connection, because on the PC downstairs everything does work. Can anyone help me? Kind regards, stefan. Logfile of Trend Micro HijackThis v2.0.0 (BETA), scan saved at 19:47:11, on 1-8-2007. Platform: Windows XP SP2 (WinNT 5.01.2600).
  • bitcomet.exe known as Tibick Worm bitcomet, has the following information and may help you understand this process better. bitcomet.exe - Here is the scoop on Tibick Worm as it pertains to computer network security. The big question: what is bitcomet.exe and is it spyware, a trojan and if so, how do I get rid of Tibick Worm? bitcomet.exe (Tibick Worm) - Details Finding a program by the name of bitcomet.exe running on your computer means that your computer may be infected with a worm that goes by the name of tibick. Source: http://www.auditmypc.com/process/bitcomet.asp
  • @stee0036: http://www.liutilities.com/products/wintaskspro/processlibrary/bitcomet/ Here you can see that this is not spyware ;) Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your desktop. Double-click combofix.exe. Follow the instructions and accept the disclaimer by typing y or Y. While the fix is running, do NOT click in the window, because this will make your PC hang. When the fix has finished and after a restart, the log combofix.txt will open. Save this log. NOTE: If your virus scanner responds with a notice about a script being executed, you may ignore it. Now post the Combofix.txt log together with a new HijackThis log in your next message. Good luck 8) Pim
  • Ah, I didn't know that about BitComet. Thanks. My solutions lie on a different front: I have posted this before and it is a bit of a hobby horse of mine. When Windows gets slow, I don't spend hours searching for spyware, viruses or registry errors; I format the whole thing again. I also have Ghost images of Windows, which I sometimes restore as well. On my fast PC, installing Windows takes half an hour. If you install Windows more often, you also get handier at it. I have multiple drives and my data stays untouched when I give Windows a shove.
  • You can do something like that, but it is real overkill. Try the Combofix log first. By the way, sudden slowness can also come from a broken hard drive, but let's rule out spyware first.
  • I have run all of it and have the following logs: ComboFix 07-08-04.3 - "user" 2007-08-07 14:44:01.1 [GMT 2:00] - NTFS Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.Waar. And my HijackThis: Logfile of Trend Micro HijackThis v2.0.0 (BETA), scan saved at 21:48:55, on 9-8-2007. Platform: Windows XP SP2 (WinNT 5.01.2600).
  • Are my logs good like this? Kind regards, stefan

This is an archived page. Replying is no longer possible.