Question & Answer

Security & privacy

AVG ASW detects Adware.Generic

7 answers
  • Hello, who can help me? AVG ASW keeps detecting the following spyware item over and over: Adware.Generic. Before that it was Adware.Screensavers. Both are/were located in the same registry key. How can I remove this parasite? AVG ASW does it and yet doesn't. Attached: two AVG ASW reports and an HJT log.
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------
    + Created at: 1:51:43 14-7-2007
    + Scan result:
    HKLM\SYSTEM\ControlSet003\Control\Video\{0A4C146C-EC17-42F2-85A7-23C2E8EA6BA6}\0000\\_nhl2005.exe:D3DOGL_67207556 -> Adware.Screensavers : Cleaned with backup (quarantined).
    ::Report end
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------
    + Created at: 19:05:45 2-8-2007
    + Scan result:
    HKLM\SYSTEM\ControlSet003\Control\Video\{0A4C146C-EC17-42F2-85A7-23C2E8EA6BA6}\0000\\_nhl2005.exe:D3DOGL_67207556 -> Adware.Generic : Cleaned with backup (quarantined).
    ::Report end
    Logfile of HijackThis v1.99.1
    Scan saved at 2:39:32, on 4-8-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
  • Hi, I find this hard to read; could you please try again?
    Download Hijackthis-setup: http://www.isecurity.org.uk/downloads/hijackthissetup.exe
    Double-click Hijackthis-setup.
    Hijackthis is now installed on your PC, and a shortcut is placed on your desktop.
    Double-click the Hijackthis icon.
    Click "Do a systemscan and save a logfile".
    A Notepad window opens; hold down the CTRL and A keys at the same time, and everything is now selected.
    Hold down the CTRL and C keys at the same time, and everything is now copied.
    Log in to the forum and click "new topic" here: Forum
    Give it a title and a description of your problem; also say what you have already done and what you could not do.
    Now paste the HJT log into your message by right-clicking and choosing Paste.
    Then click OK.
    Thanks in advance :)
  • Hello, AVG ASW finds Adware.Generic again every time after startup, despite the fact that it had been quarantined before. Some time ago Adware.Screensavers was located in the same registry key; it is no longer detected. In addition, I have had Ad-Aware 2007, Adware-Aware SE Pro, a-squared Free, Dr.Web cure-it, CWShredder, NOD32, Prevx1, Spybot SD, Windows Defender and several online scanners (including Bitdefender, Panda and F-secure) scan everything. That seems more than enough to me. I also clean up the computer regularly and have the registry scanned for errors. How can I remove Adware.Generic for good?
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------
    + Created at: 1:51:43 14-7-2007
    + Scan result:
    HKLM\SYSTEM\ControlSet003\Control\Video\{0A4C146C-EC17-42F2-85A7-23C2E8EA6BA6}\0000\\_nhl2005.exe:D3DOGL_67207556 -> Adware.Screensavers : Cleaned with backup (quarantined).
    ::Report end
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------
    + Created at: 11:32:37 4-8-2007
    + Scan result:
    HKLM\SYSTEM\ControlSet003\Control\Video\{0A4C146C-EC17-42F2-85A7-23C2E8EA6BA6}\0000\\_nhl2005.exe:D3DOGL_67207556 -> Adware.Generic : Cleaned with backup (quarantined).
    ::Report end

    Logfile of HijackThis v1.99.1
    Scan saved at 20:48:12, on 6-8-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Comodo\CBOClean\BOCORE.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Prevx1\PXAgent.exe
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\PROGRA~1\Comodo\CBOClean\BOC423.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\bin\NABMonitor.exe
    C:\Program Files\HDD Health\hddhealth.exe
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    C:\Program Files\Windows Live Mail desktop\wlmail.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Beveiliging\Diverse beveiligingen\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.12move.nl:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\BEVEIL~1\ANTISP~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
    O4 - HKLM\..\Run: [BOC-423] C:\PROGRA~1\Comodo\CBOClean\BOC423.exe
    O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.12move.nl
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
    O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162239558168
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://ax.emsisoft.com/asquared.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live Mail desktop\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
    O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: SymantecAntiBotAgent - Unknown owner - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent (file missing)
    O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
  • Start HijackThis and choose 'Do a system scan only'. Select only the items listed below:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    Click 'Fix checked' to remove the items. Are you still having problems now?
  • Unfortunately, the problem has not been resolved.

    Logfile of HijackThis v1.99.1
    Scan saved at 14:49:40, on 7-8-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Comodo\CBOClean\BOCORE.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Prevx1\PXAgent.exe
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\PROGRA~1\Comodo\CBOClean\BOC423.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\Symantec\Norton AntiBot\agent\bin\NABMonitor.exe
    C:\Program Files\HDD Health\hddhealth.exe
    C:\Program Files\Beveiliging\Diverse beveiligingen\HijackThis\HijackThis.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/keyword/%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.12move.nl:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\BEVEIL~1\ANTISP~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
    O4 - HKLM\..\Run: [BOC-423] C:\PROGRA~1\Comodo\CBOClean\BOC423.exe
    O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.12move.nl
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
    O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162239558168
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://ax.emsisoft.com/asquared.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live Mail desktop\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
    O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: SymantecAntiBotAgent - Unknown owner - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent (file missing)
    O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
  • The problem is solved. Some time ago I updated the driver of my graphics card (GeForce FX5200). I deleted the entire file that I had downloaded from nVidia for that at the time and reinstalled the driver from the original CD. I have let AVG ASW scan a number of times, also after several restarts, and so far so good. Thanks for the effort. One more question: in an HJT log, can I safely remove the lines that say "file is missing" at the end?
  • Quote (Doggy94): One more question: in an HJT log, can I safely remove the lines that say "file is missing" at the end?

    In practice you will not notice anything from it, but in the O9 lines this is a small bug in the HijackThis program. So leaving them in place is the best option.
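
As an added example (not part of the original thread, and not HijackThis code): this Python script reviews the "(file missing)" entries of a HijackThis log against the log's own "Running processes" list before anything is fixed. The sample is an excerpt of the log posted above; the function names and verdict labels are assumptions made for this illustration.

```python
import re

# Excerpt of the HijackThis log posted in this thread, one entry per line.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: SymantecAntiBotAgent - Unknown owner - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent (file missing)
"""

# A log entry starts with a section code such as R0, F2, O9 or O23.
ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
MISSING = " (file missing)"


def parse_log(text):
    """Return (running_processes, entries) from a HijackThis log."""
    running, entries, in_procs = set(), [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = ENTRY.match(line)
        if match:
            in_procs = False
            entries.append((match["section"], match["body"]))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs:
            # Windows paths are case-insensitive, so compare in lower case.
            running.add(line.lower())
    return running, entries


def target_path(body):
    """Extract the file path of an entry that ends in '(file missing)'."""
    target = body[: -len(MISSING)].rsplit(" - ", 1)[-1]
    # Drop a stray closing quote and any arguments that follow it.
    return target.split('"', 1)[0].strip()


def review_missing(text):
    """Give every '(file missing)' entry a verdict instead of deleting it blindly."""
    running, entries = parse_log(text)
    findings = []
    for section, body in entries:
        if not body.endswith(MISSING):
            continue
        path = target_path(body)
        if path.lower() in running:
            # The log lists a live process at this path: the flag contradicts itself.
            verdict = "running"
        elif "%" in path:
            # The path was checked with its environment variable unexpanded.
            verdict = "unexpanded-variable"
        else:
            verdict = "unverified"
        findings.append({"section": section, "path": path, "verdict": verdict})
    return findings


if __name__ == "__main__":
    for finding in review_missing(SAMPLE_LOG):
        print(f'{finding["section"]:<4}{finding["verdict"]:<21}{finding["path"]}')
```

On this excerpt both O23 entries come back as "running", so their "(file missing)" flag is contradicted by the process list in the same log, and the O9 entries are reported with `%windir%` still unexpanded.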


This is an archived page. Replying is no longer possible.