|
|
#1
1 september 2008, 12:51
| |||
| |||
| Dit isnt iets belangrijks dank de Heer, net af of je kan een thorugh bladeren als je een minuut om te zien of ik nasties Ik ben niet bewust van moeten krijgen, dankzij een stelletje guys! Logbestand van Trend Micro HijackThis v2.0.2 Scan saved at 20:42:25, op 01/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Draaiende processen: C: \ WINDOWS \ System32 \ Smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ PnkBstrA.exe C: \ Program Files \ CyberLink \ Shared files \ RichVideo.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.exe C: \ WINDOWS \ system32 \ LVCOMSX.EXE C: \ Program Files \ Logitech \ Video \ LogiTray.exe C: \ WINDOWS \ system32 \ Rundll32.exe C: \ Program Files \ stoom \ steam.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ Logitech \ Video \ FxSvr2.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe C: \ Program Files \ Windows Live \ Messenger \ usnsvc.exe C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe C: \ Program Files \ MessengerDiscovery \ MessengerDiscovery Live.exe C: \ Program Files \ Windows Live \ Contacts \ wlcomm.exe C: \ Program Files \ iPod \ bin \ iPodService.exe c: \ program files \ windows media player \ wmplayer.exe C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe C: \ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR.EXE C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://cbfsms.com/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Verken de **** in 'Web R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. lokale F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ Userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKLM \ .. \ Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe" MSRun O4 - HKLM \ .. \ Run: [LVCOMSX] C: \ WINDOWS \ system32 \ LVCOMSX.EXE O4 - HKLM \ .. \ Run: [LogitechVideoRepair] C: \ Program Files \ Logitech \ Video \ ISStart.exe O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe O4 - HKLM \ .. \ Run: [Cmaudio] Rundll32 cmicnfg.cpl, CMICtrlWnd O4 - HKLM \ .. \ Run: [MSConfig] C: \ WINDOWS \ PCHealth \ HelpCtr \ Binaries \ msconfig.exe / auto O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / achtergrond O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ EXCEL.EXE/3000 O9 - Extra button: (geen naam) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra button: Verzenden naar OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll O9 - Extra 'Tools' MENUITEM: S & einde aan OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll O9 - Extra button: Onderzoek - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: http://asia.msi.com.tw O15 - Trusted Zone: http://global.msi.com.tw O15 - Trusted Zone: http://www.msi.com.tw O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: (1E54D648-B804-468d-BC78-4AFFED8E262E) (System Requirements Lab) -- http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl Class) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab O16 - DPF: (67A5F8DC-1A4B-4D66-9F24-A704AD929EEE) (System Requirements Lab) -- http://www.nvidia.com/content/Driver...sysreqlab2.cab O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1195685283109 O16 - DPF: (74DBCB52-F298-4110-951D-AD2FF67BC8AB) (NVIDIA Smart Scan) -- http://www.nvidia.com/content/Driver...aSmartScan.cab O16 - DPF: (8167C273-DF59-4416-B647-C8BB2C7EE83E) (WebSDev Control) -- http://liveupdate.msi.com.tw/autobio...ne/install.cab O16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl Class) -- http://messenger.zone.msn.com/binary...t.cab57213.cab O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O16 - DPF: (E6187999-9FEC-46A1-A20F-F4CA977D5643) (ZoneChess Object) -- http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://plugin.driveragent.com/files/driveragent.cab O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: ATI Smart - Onbekende eigenaar - C: \ WINDOWS \ system32 \ ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc - C: \ Program Files \ Common Files \ Logishrd \ Bluetooth \ LBTServ.exe O23 - Service: NBService - Nero AG - C: \ Program Files \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexingService.exe O23 - Service: PnkBstrA - Onbekende eigenaar - C: \ WINDOWS \ system32 \ PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service (CRVS) (RichVideo) - Onbekende eigenaar - C: \ Program Files \ CyberLink \ Shared files \ RichVideo.exe -- End of file - 11133 bytes Hope theres niets en een beetje van traagheid is mijn P4 opgeven .. |
|
#2
1 september 2008, 13:25
| |||
| |||
| Downloaden Malwarebytes' Anti-Malware (MBAM)
__________________  |
|
#3
1 september 2008, 15:19
| |||
| |||
| Malwarebytes' Anti-Malware 1.25 Database versie: 1103 Windows 5.1.2600 Service Pack 3 23:16:55 01/09/2008 mbam-log-09-01-2008 (23-16-55). txt Scan type: Quick Scan Objecten gescand: 51583 Verstreken tijd: 6 minute (s), 29 second (s), Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (Geen kwaadaardige items gedetecteerd) Memory Modules Infected: (Geen kwaadaardige items gedetecteerd) Registry Keys Infected: (Geen kwaadaardige items gedetecteerd) Registry Values Infected: (Geen kwaadaardige items gedetecteerd) Registry Data Items Infected: (Geen kwaadaardige items gedetecteerd) Folders Infected: (Geen kwaadaardige items gedetecteerd) Geïnfecteerde bestanden: (Geen kwaadaardige items gedetecteerd) |
|
#4
1 september 2008, 15:23
| |||
| |||
| Er is geen malware in het logboek. Weet je wat dit is? R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html
__________________ |
|
#5
2 september 2008, 08:28
| |||
| |||
| Ja, Winzy is de zoekmachine ik gebruikt om het gebruik tthinking ik kon krijgen van het prijzengeld, niets zorgen te maken om er Cheers voor uw tijd!  |
|
#6
2 september 2008, 11:46
| |||
| |||
| Uw Java is verouderd. Oudere versies hebben kwetsbaarheden die kwaadaardige sites kunt gebruiken om uw systeem te infecteren. Installeer eerst de nieuwe Sun Java Runtime Environment Zorg dat u alle browservensters sluiten voordat u begint met de installatie. Verwijder de oude versie (s)
Gebruik de Secunia Software Inspector om te controleren of out of date software.
---------- Ga naar Microsoft Windows Update en ontvang alle kritische veiligheid updates. (moet u Internet Explorer te gebruiken om dit te doen)
__________________ |
