Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Probleem met Nero of malware

None
8 antwoorden
  • Ik heb al enige tijd een probleem met cd lezen en branden. Daarvoor heb ik Nero 8 gedownload en geïnstalleerd. Toen zijn de problemen pas echt begonnen. Geen internet, geen netwerk kaart, geen cd meer af kunnen spelen, etc… Geprobeerd de diverse forums hierover goed te lezen. Diverse virusprogramma´s gebruikt. Bij het gebruik van SDFixkwam er weer licht aan de horizon. Alles lijkt weer normaal, behalve…

    1. Mij Cd-Dvd combo doet het helemaal niet meer. Ook niet als ik de computer laat opstarten met de windows XP cd. Maar deze zal ik vanmiddag even mlaten testen.

    2. Nero werkt niet. Ik wil hem deïnstaleren maar dat gaat niet erzit een programma Incd in de weg.

    Ik heb twee logjes gemaakt, kan iemand daar eens naar kijken.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:05:25, on 16/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    D:\Avast\aswUpdSv.exe
    D:\Avast\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    D:\Photoshop Elements\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    D:\Avast\ashDisp.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Cordless USB Phone\Cordless DUALphone Suite.exe
    D:\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\NDAS\System
    dassvc.exe
    D:\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\WINDOWS\system32\perfs.exe
    C:\WINDOWS\system32\routing.exe
    C:\Program Files\802.11g USB Wireless LAN Card\WLService.exe
    C:\Program Files\802.11g USB Wireless LAN Card\WLanCfgG.exe
    E:\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    D:\Avast\ashMaiSv.exe
    D:\Avast\ashWebSv.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    E:\DVDIDL~1\DVDIdlePro.exe
    C:\Documents and Settings\Peter\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll (file missing)
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] D:\Avast\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Cordless DUALphone opstarten.lnk = C:\Program Files\Cordless USB Phone\Cordless DUALphone Suite.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\Office\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-nl\msntabres.dll.mui/229?b9a92da7db104514a0198086b9bb4319
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-nl\msntabres.dll.mui/230?b9a92da7db104514a0198086b9bb4319
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\mscoree.DLL
    O9 - Extra 'Tools' menuitem: Tri&xie Options… - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\mscoree.DLL
    O15 - Trusted Zone: www.698698698.info
    O15 - Trusted Zone: www.sgnappo.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://deomepter.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www1.aeat.es/imagenes/comun/cactivex.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.cnig.es:8080/Cnig2006/ACGM/Acgm.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - D:\Photoshop Elements\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Avast\aswUpdSv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Avast\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Avast\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Avast\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Nero\Nero8\InCD\InCDsrv.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - UASSOFT.COM - (no file)
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System
    dassvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - D:\Nero\Nero8\InCD\NBHRegInCDSrv.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe
    O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe
    O23 - Service: RT73 USB Wireless LAN Card Service - Unknown owner - C:\Program Files\802.11g USB Wireless LAN Card\WLService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\WINDOWS\
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


    End of file - 9798 bytes


    En




    SDFix: Version 1.126

    Run by Peter on 15/01/2008 at 11:04

    Microsoft Windows XP [versie 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:


    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting…


    Normal Mode:
    Checking Files:

    Trojan Files Found:

    C:\Program Files\Internet Explorer\svchost.exe - Deleted
    C:\Documents and Settings\Peter\Application Data\addon.dat - Deleted
    C:\WINDOWS\system32\comsa32.sys - Deleted
    C:\WINDOWS\system32\perfs.txt - Deleted




    Removing Temp Files…

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32
    toskrnl.exe
    No streams found.



    Final Check:

    catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-15 11:13:23
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden services & system hive …

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0050f2e498cc]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]
    "khjeh"=hex:20,02,00,00,a8,e1,06,f7,5e,04,ab,c0,50,b0,f6,b5,af,9a,85,96,85,..
    "hj34z0"=hex:7f,d9,23,a1,ef,ec,e0,c1,f7,c6,92,e2,14,c1,e5,72,6c,82,b6,06,b6,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="E:\Alcohol120%\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:96,8d,b3,f3,de,f6,bd,19,6d,6a,83,ac,c4,16,42,0d,b1,c7,6e,4c,9b,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0050f2e498cc]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="E:\Alcohol120%\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:96,8d,b3,f3,de,f6,bd,19,6d,6a,83,ac,c4,16,42,0d,b1,c7,6e,4c,9b,..

    scanning hidden registry entries …

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B3CD9A72-EB80-B843-8D7E-897986203F86}]
    "gabbkhpobggbip"=hex:6f,62,66,6f,64,65,61,63,67,68,63,6e,6b,6e,6c,6b,68,6a,70,67,70,..

    scanning hidden files …


    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 1


    Remaining Services:
    ——————



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="c:\\windows\\$hf_mig$\\kb887472\\sp2qfe\\msmsgs.exe:*:Enabled:Windows Messenger"
    "F:\\Download\\Shareaza.exe"="e:\\shareaza\\shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
    "E:\\Shareaza\\Shareaza.exe"="E:\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
    "C:\\WINDOWS\\system32\\mshta.exe"="C:\\WINDOWS\\system32\\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
    "C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
    "C:\\Program Files\\DVBViewerTE\\ts_winlirc.exe"="e:\\satelliet\\dvbviewerte\\ts_winlirc.exe:*:Enabled:ts_winlirc"
    "E:\\Utorrent\\utorrent.exe"="E:\\Utorrent\\utorrent.exe:*:Enabled:æTorrent"
    "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\DrayTek Router Tools V3.6.1\\SyslogRd.exe"="C:\\Program Files\\DrayTek Router Tools V3.6.1\\SyslogRd.exe:*:Enabled:DrayTek Syslog Monitor"
    "C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"="C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe:*:Enabled:VoipBuster"
    "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
    "E:\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="E:\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
    "E:\\Phone\\Skype.exe"="c:\\program files\\skype\\phone\\skype.exe:*:Enabled:Skype"
    "C:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"="C:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe:*:Enabled:SmsDiscount"
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe:*:Enabled:Nero ControlCenter"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    Remaining Files:
    —————

    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes:

    Wed 4 Aug 2004 93,184 A.SH. — "C:\Program Files\Internet Explorer\iexplore.exe"
    Wed 4 Aug 2004 60,416 A.SH. — "C:\Program Files\Outlook Express\msimn.exe"


    Vast bedankt,

    Peter






  • Installeer hijackthis.exe bijv. in C:\Program Files\[b:5d03c031fb]Hijackthis[/b:5d03c031fb]
    Dit in verband met de backups die dit programma maakt.

    Download:
    Sla het bestand op je bureaublad op, daarna mag je het dubbelklikken.
    Je kunt het programma laten uitpakken naar je bureaublad.
    Open nu de map RVAXO op je bureaublad en dubbelklik [b:5d03c031fb]RVAXO.cmd[/b:5d03c031fb]
    Er zal een schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    [b:5d03c031fb]Mogelijk[/b:5d03c031fb] start er ook een uninstaller van een rogue scanner op, [b:5d03c031fb]sluit deze niet af[/b:5d03c031fb] maar volg eventuele aanwijzingen en laat deze zijn werk doen.

    Daarna zal je PC herstarten, na de herstart opent het venster van RVAXO opnieuw.
    Laat deze lopen en wacht tot er een logfile opent.
    Deze is eventueel ook hier te vinden: C:\[b:5d03c031fb]RVAXO-results.log[/b:5d03c031fb]
    Post de inhoud in je volgende bericht tesamen met een nieuw logje van HijackThis.

    Herstart je PC niet?

    Laat [b:5d03c031fb]RVAXO[/b:5d03c031fb] nog een keer lopen en post dan het nieuwe logje: [b:5d03c031fb]C:\rvaxo-results.log [/b:5d03c031fb]

    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:5d03c031fb]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    [/b:5d03c031fb]
    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Download [b:5d03c031fb].
    [list:5d03c031fb][*:5d03c031fb]Scroll omlaag naar : "[i:5d03c031fb]Java Runtime Environment (JRE) 6u4[/i:5d03c031fb]".
    [*:5d03c031fb]Klik op de "[b:5d03c031fb]Download[/b:5d03c031fb]" knop aan de rechterkant.
    [*:5d03c031fb]In het uitklapmenu rechts naast [b:5d03c031fb]Platform[/b:5d03c031fb], selecteer
  • Hier de eerste twee logjes:




    –RVAXO.exe Updated:
  • en



    –RVAXO.exe Updated:
  • Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:5257740b1c]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll (file missing)
    O2 - BHO: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe_.dll (file missing)
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - UASSOFT.COM - (no file)
    [/b:5257740b1c]
    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Download [b:5257740b1c].
    [list:5257740b1c][*:5257740b1c]Scroll omlaag naar : "[i:5257740b1c]Java Runtime Environment (JRE) 6u4[/i:5257740b1c]".
    [*:5257740b1c]Klik op de "[b:5257740b1c]Download[/b:5257740b1c]" knop aan de rechterkant.
    [*:5257740b1c]In het uitklapmenu rechts naast [b:5257740b1c]Platform[/b:5257740b1c], selecteer
  • De Logjes:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:24:37, on 19/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    D:\Avast\aswUpdSv.exe
    D:\Avast\ashServ.exe
    C:\WINDOWS\SOUNDMAN.EXE
    D:\Avast\ashDisp.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
    C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Cordless USB Phone\Cordless DUALphone Suite.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    D:\Photoshop Elements\PhotoshopElementsFileAgent.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    D:\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\NDAS\System
    dassvc.exe
    D:\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32
    vsvc32.exe
    E:\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    D:\Avast\ashMaiSv.exe
    D:\Avast\ashWebSv.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Peter\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] D:\Avast\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
    O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Cordless DUALphone opstarten.lnk = C:\Program Files\Cordless USB Phone\Cordless DUALphone Suite.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\Office\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-nl\msntabres.dll.mui/229?b9a92da7db104514a0198086b9bb4319
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-nl\msntabres.dll.mui/230?b9a92da7db104514a0198086b9bb4319
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\mscoree.DLL
    O9 - Extra 'Tools' menuitem: Tri&xie Options… - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\mscoree.DLL
    O15 - Trusted Zone: www.698698698.info
    O15 - Trusted Zone: www.sgnappo.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://deomepter.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www1.aeat.es/imagenes/comun/cactivex.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/nl/check/qdiagh.cab?326
    O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.cnig.es:8080/Cnig2006/ACGM/Acgm.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - D:\Photoshop Elements\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Avast\aswUpdSv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Avast\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Avast\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Avast\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Nero\Nero8\InCD\InCDsrv.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - UASSOFT.COM - (no file)
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System
    dassvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - D:\Nero\Nero8\InCD\NBHRegInCDSrv.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\WINDOWS\
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


    End of file - 8853 bytes






    ComboFix 08-01-18.5 - Peter 2008-01-19 19:54:49.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.31.1043.18.131 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\Peter\Bureaublad\combofix.exe
    * Nieuw herstelpunt werd aangemaakt







  • Ok , nog klachten nu ??
  • Alles lijkt in orde. Maandag nog even een ander cd-dvd speler proberen.

    Hartelijk bedankt tot zover.

    Peter

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.