Vraag & Antwoord

Beveiliging & privacy

Log Hijack

Anoniem
PSchenderling
17 antwoorden
  • Ik heb problemen met mijn aanskluiting op een thuisnetwerk en kan daardoor ook niet meer op het web. Dit bericht komt van een andere computer, die wel op het netwerk komt. Ik heb het vermoeden, dat mijn desktop geblokkeerd wordt Dat blijkt al bij het opstarten. De windowsopstartprocedure kan niet worden afgemaakt. Vermoedelijk is het een virus. Hieronder is een Hijacklog, waaruit hopelijk meer blijkt. Zou iemand er naar willen kijken?

    Logfile of HijackThis v1.98.2
    Scan saved at 14:14:42, on 26-10-2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\CTHELPER.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Creative\TaskBar\CTLTray.exe
    C:\Program Files\Creative\TaskBar\CTLTask.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\Documents and Settings\Piet\Bureaublad\HijackThis.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe"
    O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe"
    O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: Adapter Utility.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE
    O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O10 - Unknown file in Winsock LSP: c:\windows\system32\srvdll.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\srvdll.dll
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    Anoniem
    Anoniem
  • sorry oude versie van hjt, maak via deze link een nieuwe aub en gooi de oude versie weg.

    http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=765174#765174
    Anoniem
    Anoniem
  • Gedaan

    Logfile of HijackThis v1.99.1
    Scan saved at 17:13, on 06-10-26
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\CTHELPER.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Creative\TaskBar\CTLTray.exe
    C:\Program Files\Creative\TaskBar\CTLTask.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Documents and Settings\Piet\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe"
    O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe"
    O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: Adapter Utility.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE
    O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O10 - Unknown file in Winsock LSP: c:\windows\system32\srvdll.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\srvdll.dll
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing)
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    Anoniem
    Anoniem
  • Hai,

    Is er een reden waarom je windows niet op to date hebt, zelfs geen sp1 dat is vragen om moeilijkheden en eigenlijk is het raar dat er niet meer rommel in staat want je systeem is zo lek als een mandje, zoveel updates niet gehad.

    Ok de fix.

    Start HJT opnieuw en doe een systemscan only, vink onderstaande regel aan sluit alle vensters behalve HJT en klik dan op fix checked.

    [b:76f4283da6]O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)[/b:76f4283da6]

    start je verkenner en zoek naar onderstaand dikgedrukt bestand.
    C:\WINDOWS\System32\[b:76f4283da6]angelex.exe[/b:76f4283da6] als je het vind verwijderen.




    Open een kladblok bestand en kopieer onderstaande [b:76f4283da6]vetgedrukte[/b:76f4283da6] tekst in dat kladblokbestand:

    [b:76f4283da6]REGEDIT4

    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ISEXENG]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ISEXEng]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ISEXENG]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ISEXEng]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_ISEXENG]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ISEXEng][/b:76f4283da6]


    Sla dit op op je Bureaublad als [b:76f4283da6]regfix.reg,[/b:76f4283da6] met als type
    [b:76f4283da6]"alle bestanden".[/b:76f4283da6]

    Dubbelklik op [b:76f4283da6]regfix.reg[/b:76f4283da6] en sta het toevoegen aan het register toe.



    Download [b:76f4283da6]Combofix[/b:76f4283da6] naar je Bureaublad.[list:76f4283da6]
    Dubbelklik [b:76f4283da6]Combofix.exe[/b:76f4283da6]
    Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
    Tijdens het runnen van de fix, [b:76f4283da6]NIET[/b:76f4283da6] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:76f4283da6]
    Wanneer de fix voltooid is en na herstart, zal de log [b:76f4283da6]combofix.txt[/b:76f4283da6] openen.
    [i:76f4283da6]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:76f4283da6]

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.

    Succes.
    Juisterr
    Anoniem
    Anoniem
  • Nee, er is geen speciale reden. Wat raad je aan, SP2?

    Angelex niet gevonden.

    ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Piet\Bureaublad"

    ((((((((((((((((((((((((((((((( Files Created from 2006-09-27 to 2006-10-27 ))))))))))))))))))))))))))))))))))


    2006-10-21 14:28 53,248 -ra—— C:\WINDOWS\system32\InstMed.exe
    2006-10-21 14:28 372,736 –a—— C:\WINDOWS\system32\LVUI2RC.dll
    2006-10-21 14:28 22,016 –a—— C:\WINDOWS\system32\drivers\LVUSBSta.sys
    2006-10-21 14:28 204,800 –a—— C:\WINDOWS\system32\LVUI2.dll
    2006-10-21 14:28 204,800 –a—— C:\WINDOWS\system32\lvcodec2.dll
    2006-10-21 14:28 2,180,096 –a—— C:\WINDOWS\system32\drivers\lvsvf2.sys
    2006-10-21 14:28 106,496 –a—— C:\WINDOWS\system32\lvcoinst.dll
    2006-10-21 14:28 1,317,152 –a—— C:\WINDOWS\system32\drivers\lvcm.sys
    2006-10-21 14:27 89,088 –a—— C:\WINDOWS\system32\atl71.dll
    2006-10-21 14:27 65,536 –a—— C:\WINDOWS\system32\MFC71DEU.DLL
    2006-10-21 14:27 61,440 –a—— C:\WINDOWS\system32\MFC71ITA.DLL
    2006-10-21 14:27 61,440 –a—— C:\WINDOWS\system32\MFC71ESP.DLL
    2006-10-21 14:27 57,344 –a—— C:\WINDOWS\system32\MFC71ENU.DLL
    2006-10-21 14:27 499,712 –a—— C:\WINDOWS\system32\msvcp71.dll
    2006-10-21 14:27 49,152 –a—— C:\WINDOWS\system32\MFC71KOR.DLL
    2006-10-21 14:27 49,152 –a—— C:\WINDOWS\system32\MFC71JPN.DLL
    2006-10-21 14:27 45,056 –a—— C:\WINDOWS\system32\MFC71CHT.DLL
    2006-10-21 14:27 40,960 –a—— C:\WINDOWS\system32\MFC71CHS.DLL
    2006-10-21 14:27 348,160 –a—— C:\WINDOWS\system32\msvcr71.dll
    2006-10-21 14:27 1,060,864 –a—— C:\WINDOWS\system32\MFC71.dll
    2006-10-21 14:27 1,047,552 –a—— C:\WINDOWS\system32\MFC71u.dll
    2006-10-21 12:05 8,192 –a—— C:\WINDOWS\system32\tsbyuv.dll
    2006-10-21 12:05 50,176 –a—— C:\WINDOWS\system32\vfwwdm32.dll
    2006-10-21 12:05 45,568 –a—— C:\WINDOWS\system32\iyuv_32.dll
    2006-10-19 15:35 81,920 –a—— C:\WINDOWS\system32\VM305Sti.dll
    2006-10-19 15:35 61,440 –a—— C:\WINDOWS\VM305_STI.exe
    2006-10-19 15:35 53,248 –a—— C:\WINDOWS\Sti305.exe
    2006-10-19 15:35 49,152 –a—— C:\WINDOWS\amcap.exe
    2006-10-19 15:35 392,316 –a—— C:\WINDOWS\system32\drivers\usbVM305.sys
    2006-10-19 15:35 307,200 –a—— C:\WINDOWS\vidcap32.Exe
    2006-10-19 15:35 114,688 –a—— C:\WINDOWS\VM305Cap.exe
    2006-10-15 13:01 69,632 –a—— C:\WINDOWS\system32\SrvDll.dll
    2006-10-15 13:01 53,248 –a—— C:\WINDOWS\system32\appstart.exe
    2006-10-15 13:01 10,240 –a—— C:\WINDOWS\system32\sporder.Dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-10-26 19:46 ——– d-a—— C:\Program Files\Common Files
    2006-10-26 16:10 ——– d——– C:\Program Files\Windows Media Player
    2006-10-25 19:36 ——– d——– C:\Program Files\Vimicro
    2006-10-23 20:25 ——– d——– C:\Program Files\Winamp
    2006-10-21 14:28 ——– d——– C:\Program Files\Common Files\Logitech
    2006-10-21 14:27 ——– d–h—– C:\Program Files\InstallShield Installation Information
    2006-10-21 14:26 ——– d——– C:\Program Files\Logitech
    2006-10-20 23:31 ——– d——– C:\Program Files\Zylom Games
    2006-10-14 20:50 ——– d——– C:\Documents and Settings\Piet\Application Data\ppStream
    2006-10-12 18:44 ——– d——– C:\Program Files\Internet Explorer
    2006-10-04 20:27 ——– d-a—— C:\Documents and Settings\Piet\Application Data\SopCast
    2006-09-30 18:31 ——– d——– C:\Program Files\FlashFXP
    2006-08-31 17:06 1957888 –a—— C:\WINDOWS\system32\Tropix.scr


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
    "NOMAD Detector"="\"C:\\Program Files\\Creative\\SBAudigy\\PlayCenter2\\CTNMRun.exe\""
    "TaskTray"="\"C:\\Program Files\\Creative\\TaskBar\\CTLTray.exe\""
    "TaskBar"="\"C:\\Program Files\\Creative\\TaskBar\\CTLTask.exe\""
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "CTStartup"="C:\\Program Files\\Creative\\SBAudigy\\Program\\CTEaxSpl.EXE /run"
    "CTHelper"="CTHELPER.EXE"
    "NeroCheck"="C:\\WINDOWS\\System32\\NeroCheck.exe"
    "NAV Agent"="C:\\PROGRA~1\\NORTON~1\\navapw32.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "TotalRecorderScheduler"="\"C:\\Program Files\\HighCriteria\\TotalRecorder\\TotRecSched.exe\""
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
    "zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
    "Logitech Utility"="Logi_MwX.Exe"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    @=""
    "LVCOMSX"="C:\\WINDOWS\\System32\\LVCOMSX.EXE"
    "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
    "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex\CTStartup]
    "CTStartup"="\"C:\\Program Files\\Creative\\SBAudigy\\Program\\CTEaxSpl.EXE\" EAX.AVI"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000000
    "GeneralFlags"=dword:00000005

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,86,01,00,00,00,00,00,00,7a,02,00,00,c8,02,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,9c,00,00,00,00,00,00,00,64,03,00,00,c8,02,\
    00,00,04,00,00,40
    "RestoredStateInfo"=hex:18,00,00,00,9c,00,00,00,00,00,00,00,64,03,00,00,c8,02,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=hex:5f,00,00,00
    @=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\Norton AntiVirus - Mijn computer scannen.job
    C:\WINDOWS\tasks\Symantec NetDetect.job

    Completion time: 06-10-27 13:13:02.15
    C:\ComboFix.txt … 06-10-27 13:13
    C:\ComboFix2.txt … 06-10-26 22:45
    C:\ComboFix3.txt … 06-10-26 16:30




    Logfile of HijackThis v1.99.1
    Scan saved at 13:14:20, on 27-10-2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    C:\WINDOWS\System32\CTHELPER.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Creative\TaskBar\CTLTray.exe
    C:\Program Files\Creative\TaskBar\CTLTask.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Piet\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe"
    O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe"
    O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Global Startup: Adapter Utility.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE
    O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O10 - Unknown file in Winsock LSP: c:\windows\system32\srvdll.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\srvdll.dll
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing)
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    Anoniem
    Anoniem
  • Het probleem is nog niet opgelost. Ik zie wel de CPU op 75%. Verder kan ik niets ontdekken.
    Anoniem
    Anoniem
  • Heeft iemand nog een suggestie, of ben ik nu heel ongeduldig?
    Anoniem
    Anoniem
  • [quote:03db217169="PSchenderling"]Heeft iemand nog een suggestie, of ben ik nu heel ongeduldig?[/quote:03db217169]

    antwoord is slecht een dag oud, dus ja ongeduldig, wij zijn ook maar vrijwilligers met een gewone baan.

    http://www.cexx.org/lspfix.zip
    Download LspFix
    Start het programma.
    Plaats een vinkje bij I know what I am doing.
    Zorg dat in het rechtse venster (het remove venster) alle volgende bestanden staan (geen andere)

    [b:03db217169] srvdll.dll[/b:03db217169]
    Klik op Finish

    Download [b:03db217169] naar je Bureaublad:[list:03db217169][*:03db217169]Dubbelklik [b:03db217169]drweb-cureit.exe[/b:03db217169] Klik op udate
    [*:03db217169]Na de update verschijnt er een nieuw icoontje op je buroblad "CureIt.exe" dubbelklik het en klik op Scan, sta het toe om de express scan te starten.
    [*:03db217169]Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt,
    klik de [b:03db217169]Yes to all[/b:03db217169] knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
    [*:03db217169]Eenmaal de korte scan is beeïndigd, kan je de drives selecteren die je wilt laten scannen.
    [*:03db217169]Selecteer hier [b:03db217169]alle drives[/b:03db217169]. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
    [*:03db217169]Klik daarna de [b:03db217169]groene pijl[/b:03db217169] rechts om de scan te starten.
    [*:03db217169]Klik [b:03db217169]Yes to all[/b:03db217169] wanneer er gevraagd wordt om cure of move uit te voeren.
    [*:03db217169]Wanneer de scan beëindigd is, kijk of je kunt op het icoontje naast de gevonden bestanden klikken: [img:03db217169]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:03db217169]
    [*:03db217169]Indien ja,klik er op en klik vervolgens op het icoontje er juist onder en selecteer [b:03db217169]Move incurable[/b:03db217169] zoals je hier ziet:
    [img:03db217169]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:03db217169]
    Dit verplaatst gevonden bestanden naar de "%userprofile%\DoctorWeb\quarantaine-map" indien herstel niet mogelijk is.
    [*:03db217169]Nadat de scan gedaan is, in het menu bovenaan, klik [b:03db217169]File[/b:03db217169] en kies [b:03db217169]Save report List[/b:03db217169]. Bewaar het op je Bureaublad.
    [*:03db217169]Sluit daarna Dr.Web Cureit.
    [*:03db217169][b:03db217169]Herstart[/b:03db217169] je computer!! [i:03db217169]Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart[/i:03db217169].
    [*:03db217169]Na het herstarten, [b:03db217169]kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post[/b:03db217169].
    [/list:u:03db217169]

    Negeer popups over Buy of 50% korting

    Aub nieuw HJT logje en het logje van Dr.web.

    Succes
    J
    :P
    Anoniem
    Anoniem
  • Ik begrijp het: liefdewerk oud papier. Het is mooi, dat er mensen zijn, die hun vrije tijd opofferen om anderen te helpen. Ik had gisteren een vrije dag genomen om de problemen aan te pakken vandaar.

    Ongelofelijk wat een rotzooi er bij mij opstaat. De pc start nu door, maar nog geen verbinding met het internet.

    Hier de logjes


    apropos.exe C:\Documents and Settings\Elize\Application Data Trojan.AproposAd Deleted.
    Tick Soft.exe C:\Documents and Settings\Elize\Application Data\Kind Ping That Trojan.Swizzor Deleted.
    1c152d.exe C:\Documents and Settings\Elize\Local Settings\Temp Trojan.Swizzor Deleted.
    40c1e3.exe C:\Documents and Settings\Elize\Local Settings\Temp Trojan.Swizzor Deleted.
    bb.exe C:\Documents and Settings\Elize\Local Settings\Temp Adware.BargainBuddy Incurable.Moved.
    bis35.exe C:\Documents and Settings\Elize\Local Settings\Temp Trojan.Swizzor Deleted.
    dfiTempA.exe C:\Documents and Settings\Elize\Local Settings\Temp Dialer.Xs Deleted.
    iinstall.exe C:\Documents and Settings\Elize\Local Settings\Temp Trojan.Isbar.107 Deleted.
    powerscan.exe C:\Documents and Settings\Elize\Local Settings\Temp Adware.PowerScan Incurable.Moved.
    rebootnt.exe C:\Documents and Settings\Elize\Local Settings\Temp\~vis0000 Tool.Reboot Incurable.Moved.
    hotbar.exe C:\Documents and Settings\Elize\Mijn documenten Adware.Hotbar Incurable.Moved.
    cln13.tmp C:\Documents and Settings\Richard\Local Settings\Temp Trojan.Dyfuca Deleted.
    cln7E.tmp C:\Documents and Settings\Richard\Local Settings\Temp Trojan.Dyfuca Deleted.
    fqctbiG.exe C:\Documents and Settings\Richard\Local Settings\Temp Trojan.Isbar Deleted.
    optimize.exe C:\Documents and Settings\Richard\Local Settings\Temp Trojan.Dyfuca Deleted.
    rebootnt.exe C:\Documents and Settings\Richard\Local Settings\Temp\~vis0000 Tool.Reboot Incurable.Moved.
    rebootnt.exe C:\Documents and Settings\Richard\Local Settings\Temp\~vis0001 Tool.Reboot Incurable.Moved.
    6 Burn.wma C:\My Shared Folder Trojan.DownLoader.1729 Deleted.
    Confessions - Usher - 6 - Burn.wma C:\My Shared Folder Trojan.DownLoader.1729 Deleted.
    uninst.exe C:\Program Files\Adverts Trojan.LopAd Deleted.
    mindset.exe C:\Program Files\ddm\361 Trojan.MulDrop.749 Deleted.
    optimize.exe C:\Program Files\ddm\361 Trojan.Dyfuca Deleted.
    mirc.exe C:\Program Files\mIRC Program.mIRC.61 Incurable.Moved.
    Dc7.exe C:\RECYCLER\S-1-5-21-583907252-706699826-682003330-1005 Dialer.Xs Deleted.
    A0207799.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Adware.PestTrap Incurable.Moved.
    A0208507.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Adware.PestTrap Incurable.Moved.
    A0208590.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.AproposAd Deleted.
    A0208591.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.Swizzor Deleted.
    A0208592.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.LopAd Deleted.
    A0208593.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.MulDrop.749 Deleted.
    A0208594.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.Dyfuca Deleted.
    A0208595.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Dialer.Xs Deleted.
    A0203432.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203433.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203436.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203438.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203439.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203440.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203441.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203442.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0203482.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP973 Adware.Hotbar Incurable.Moved.
    A0204732.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP979 Trojan.LopAd Deleted.
    A0204963.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP984 Trojan.Inject.130 Deleted.
    A0205001.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP984 Trojan.Inject.130 Deleted.
    A0205010.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP984 Adware.Msearch Incurable.Moved.
    A0205015.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP984 Adware.Msearch Incurable.Moved.
    A0205017.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP984 Trojan.DownLoader.12314 Incurable.Moved.
    A0205018.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP984 Trojan.DownLoader.12321 Incurable.Moved.
    A0205056.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.DownLoader.12321 Incurable.Moved.
    A0205057.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.DownLoader.12314 Incurable.Moved.
    A0205059.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Adware.Msearch Incurable.Moved.
    A0205064.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Adware.Msearch Incurable.Moved.
    A0205070.dll C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.Inject.130 Deleted.
    A0205079.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.DownLoader.12321 Incurable.Moved.
    A0205084.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.PWS.Gamania Deleted.
    A0205085.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205086.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205087.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205088.COM C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205089.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205090.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205091.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205092.pif C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205093.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205094.pif C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205095.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205096.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205097.com C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205098.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.DownLoader.12314 Incurable.Moved.
    A0205099.EXE C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205100.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.DownLoader.11977 Deleted.
    A0205101.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 BackDoor.Generic.1400 Deleted.
    A0205102.exe C:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP985 Trojan.DownLoader.10275 Incurable.Moved.
    HbInstIE.dll C:\WINDOWS\Downloaded Program Files Adware.Hotbar Incurable.Moved.
    HbInstIE.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.1 Adware.Hotbar Incurable.Moved.
    exul1.exe C:\WINDOWS\system32 Adware.Exact Incurable.Moved.
    SrvDll.dll C:\WINDOWS\system32 Trojan.DownLoader.13539 Will be cured after reboot.
    SWRT01.dll C:\WINDOWS\system32 Adware.AdDestroyer Incurable.Moved.
    Xcite.dll C:\WINDOWS\system32 Adware.MyWay Incurable.Moved.
    Xcite.exe C:\WINDOWS\system32 Trojan.MulDrop.2545 Incurable.Moved.
    plg_ie0.dll F:\WINDOWS\Application Data Trojan.LopAd Deleted.
    stngleaqco.dll F:\WINDOWS\Application Data Trojan.LopAd Deleted.
    mp3_plugin.exe F:\WINDOWS\Downloaded Program Files Trojan.LopAd Deleted.
    DietKaza.exe F:\Program Files\Skidmonk\Diet Kaza Probably BACKDOOR.Trojan Incurable.Moved.
    Setup.exe F:\Program Files\Skyline\TerraExplorer Probably DLOADER.Trojan Incurable.Moved.
    SponsorSetup.exe F:\Program Files\Messenger Plus! 2 Trojan.Swizzor Deleted.
    mirc.exe F:\Program Files\mIRC Program.mIRC.603 Incurable.Moved.
    A0207804.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Adware.Cydoor Incurable.Moved.
    A0207805.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Adware.Cydoor Incurable.Moved.
    A0207806.DLL F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Tool.Hatkeys Incurable.Moved.
    A0207808.exe\data002 F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036\A0207808.exe Trojan.LopAd
    A0207808.exe F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Archive contains infected objects Moved.
    A0207809.exe\data002 F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036\A0207809.exe Trojan.LopAd
    A0207809.exe F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Archive contains infected objects Moved.
    A0207810.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1036 Adware.Altnet Incurable.Moved.
    A0208570.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Adware.Cydoor Incurable.Moved.
    A0208571.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Adware.Cydoor Incurable.Moved.
    A0208572.DLL F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Tool.Hatkeys Incurable.Moved.
    A0208574.exe\data002 F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040\A0208574.exe Trojan.LopAd
    A0208574.exe F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Archive contains infected objects Moved.
    A0208575.exe\data002 F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040\A0208575.exe Trojan.LopAd
    A0208575.exe F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Archive contains infected objects Moved.
    A0208576.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Adware.Altnet
    A0208597.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.LopAd Deleted.
    A0208598.dll F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.LopAd Deleted.
    A0208599.exe F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.LopAd Deleted.
    A0208600.exe F:\System Volume Information\_restore{7530CDFB-FCE4-4215-A1FE-8BD40FC04B59}\RP1040 Trojan.Swizzor Deleted.




    Logfile of HijackThis v1.99.1
    Scan saved at 19:38:13, on 28-10-2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\CTHELPER.EXE
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Creative\TaskBar\CTLTray.exe
    C:\Program Files\Creative\TaskBar\CTLTask.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    C:\Documents and Settings\Piet\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe"
    O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe"
    O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Adapter Utility.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE
    O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing)
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe
    O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe
    Anoniem
    Anoniem
  • Gebruik deze iefix eens iefix
    Anoniem
    Anoniem
  • Ik heb nu toegang tot het thuisnetwerk, maar nog niet tot het web.

    Mijn dochter heeft met een laptop (draadloze verbinding) ook geen internetverbinding. Zij krijgt de boodschap, dat zij geen netwerkadres krijgt toegewezen. Ook niet na 'herstelverbinding'. Hier is van haar pc een hijacklog

    Logfile of HijackThis v1.99.1
    Scan saved at 21:02:44, on 28-10-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
    c:\program files\mcafee.com\vso\mcvsshld.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\tsnp2std.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\WINDOWS\VM_STI.EXE
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\NetWaiting\netWaiting.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Elize\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=DW
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=nl&l=nl&s=gen
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=nl&l=nl&s=gen
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ShowLOMControl] 
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
    O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (VC0305)
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
    O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://liezisgek.spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
    Anoniem
    Anoniem
  • Aanvulling: de laptop van mijn dochter maakt geen verbinding met het internet.
    Anoniem
    Anoniem
  • Heb je op die pc ook de iefix gedaan??
    Anoniem
    Anoniem
  • Inmiddels doet de laptop het niet meer. ik ga eens zoeken.
    Anoniem
    Anoniem
  • Ik heb me vergist. IE werkte op dat moment offline. De status is dus onveranderd. Geen verbinding.
    Anoniem
    Anoniem
  • ik heb nog een iefix probeer deze eens.


    http://users.pandora.be/DeLorean/Downloads/WinsockFix.exe

    Handleiding voor deze WinSockfix :

    Na downloaden Winsockfix.exe aanklikken en "Reg backup" klikken,
    je huidig register word nu opgeslaan in de map "ERDNT"
    Daarna klik je "Fix" de Winsockfix Utility doet dan het volgende:

    1) Controleert je Windows versie
    2) Releast uw IP-adress zodat je Offline bent
    3) Reset de TCP stack door Netsh.exe te gebruiken (Windows XP alleen)
    4) Verwijderd de huidige TCP en Winsock waardes in het register
    5) Nieuwe "werkende" waardes worden in de plaats gezet
    6) Uw huidig Host bestand word gebackupt
    7) Er word een standaard Host bestand geplaatst

    herstart je pc.
    Anoniem
    Anoniem
  • Hij blijft nu tijdens de opstartprocedure hangen en loopt door als cvshost lokale service beeindigd wordt.
    Anoniem
    Anoniem

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.

Gerelateerde vragen

We hebben je een e-mail gestuurd!

Oops… er ging wat mis.

Hoera, je account is nu geactiveerd!

Dit token is niet meer valide.

Wachtwoord vergeten?

Je aanvraag is verstuurd

Wachtwoord herstellen

Wachtwoord herstellen

Dit token is niet meer valide.

Je vraag is geplaatst!

Je antwoord is geplaatst!

Bevestigingsmail verstuurd!