HijackThis log

8 answers
  • Hi, can someone please help me? I constantly get the message "you have a security problem" and I get a lot of pop-ups.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:34:29, on 21/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
  • Hi, please take the following steps to solve this little problem.

    Download MalwareBytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) and save it to your desktop. Double-click mbam-setup.exe to install the program. After the installation, make sure the following are ticked:
      • Update MalwareBytes' Anti-Malware
      • Start MalwareBytes' Anti-Malware

    Then click "Finish". If an update is found, it will be downloaded and installed.
      • Once the program has started, go to the "Settings" tab.
      • Tick here: "Close Internet Explorer during malware removal".
      • Then go to the "Scanner" tab and choose "Quick Scan".
      • Then press "Scan" to start the scan.
      • Scanning can take a while, so be patient.
      • When the scan is complete, click OK, then "Show Results" to see the results.
      • Make sure everything there is ticked, then click "Remove Selected".
      • After the removal a log will open; if you are asked to restart your computer, you must allow this. This is necessary in order to remove some infections.

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program. Post this log in your next reply, together with a new HijackThis log.

    Regards, Roelof
  • I did what you said. This is the result.

    Malwarebytes' Anti-Malware 1.28
    Database versie: 1184
    Windows 5.1.2600 Service Pack 2

    21/09/2008 16:09:58
    mbam-log-2008-09-21 (16-09-58).txt

    Scan type: Snelle Scan
    Objecten gescand: 80671
    Verstreken tijd: 37 minute(s), 3 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 1
    Registersleutels geïnfecteerd: 6
    Registerwaarden geïnfecteerd: 3
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 2
    Bestanden geïnfecteerd: 8

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    L:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Delete on reboot.

    Registersleutels geïnfecteerd:
    HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    L:\Program Files\SecureExpertCleaner (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.
    L:\Documents and Settings\All Users\Application Data\SEC (Rogue.SecureExpertCleaner) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    L:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Delete on reboot.
    L:\Documents and Settings\Trikkie\Local Settings\Temp\GLK41.tmp (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
    L:\Program Files\SAV\sav.exe (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    L:\Program Files\SAV\sav0.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    L:\Program Files\SAV\sav1.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    L:\Documents and Settings\Trikkie\Local Settings\Temp\video232.cfg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    L:\Documents and Settings\Trikkie\Bureaublad\System Antivirus 2008.lnk (Rogue.SystemAntivirus2008) -> Quarantined and deleted successfully.
    L:\Documents and Settings\Trikkie\Local Settings\Temp\video232.cfg (Trojan.FakeAlert) -> Delete on reboot.

    And this is the new HijackThis log file:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:22:02, on 21/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
  • Of course I had to run a new scan after rebooting. This probably looks a lot better already.

    Malwarebytes' Anti-Malware 1.28
    Database versie: 1186
    Windows 5.1.2600 Service Pack 2

    21/09/2008 18:42:00
    mbam-log-2008-09-21 (18-42-00).txt

    Scan type: Snelle Scan
    Objecten gescand: 65646
    Verstreken tijd: 14 minute(s), 8 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)
  • Roelof, thanks very much already for your explanation. I had forgotten to mention that for a moment. :-)
  • Hi Trikkie, it looks good again. How are your problems now? Roelof
  • No more pop-ups so far. I also installed doctor Spyware, and it found some more lower-level threats. I have McAfee, so I don't quite understand why it didn't detect anything. I do now have the impression that everything works again. I'll keep an eye on it. Thanks again for the explanation, because I thought I would have to reinstall the whole PC. Phew. It's no unnecessary luxury to use the software mentioned in the answers here? Thanks!!!
  • Hi Trikkie, if you update MBAM once a week, you can also use it as a scanner. Roelof

This is an archived page. Replying is no longer possible.