|
|
#1
30 november 2008, 09:59
|
|||
|
|||
Please help Trojan.SystemDriver gevonden
Hoi, ik heb een pc die nieuw is, heb ik bestanden en programma's op en dan deze maand, is het spelen op.
Wanneer ik naar het opstarten van de computer soms het werkt, maar 80% het niet zal gaan langs de welkomstpagina, 10% van de tijd wel, maar dan alleen voor het scherm naar zwart, telkens het Gors zwart of niet zal gaan verleden de welkomstpagina. Ik moet de pc opnieuw opstarten. Soms heb ik om het te openen in safemode dan opnieuw starten en dan werkt het. En dan wanneer ik ga naar het gesloten, dan stopt op de pagina stilgelegd en zal niet bewegen, Ik heb het een nacht om te zien of het zou in de ochtend was het nog te zeggen ramen in afgesloten. Ik rende Super anti spyware en hij vond dit: Trojan. System Driver C: \ 32788R22FWJFW \ CREG.DAT Die is gesteld in de in quarantaine geplaatste objecten bestand, moet ik verwijderen? Ook fould 52 Tracking Cookies die ook in quarantaine bestand. Ik heb een HijackThis scan en dat is wat hij zei: Logbestand van Trend Micro HijackThis v2.0.2 Scan opgeslagen om 12:04:20 op 15/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot modus: Veilige modus Draaiende processen: C: \ Windows \ explorer.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = https: / / login.yahoo.com / config / mail?. intl = nl &. src = YM R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch = R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page = R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page = R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = O1 - Hosts::: 1 localhost O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - (602ADB0E-4AFF-4217-8AA1-95DAC4DFA408) - C: \ Program Files \ Common Files \ Symantec Shared \ coShared \ Browser \ 2.6 \ coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - (6D53EC84-6AAE-4787-AEEE-F4628F01010C) - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SYMANT ~ 1 \ IDS \ IPSBHO.dll O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Program Files \ Google \ googletoolbar2.dll O3 - Toolbar: Show Norton Toolbar - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - C: \ Program Files \ Common Files \ Symantec Shared \ coShared \ Browser \ 2.6 \ CoIEPlg.dll O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Program Files \ Google \ googletoolbar2.dll O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ hp \ support \ hpsysdrv.exe O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KbdStub.EXE O4 - HKLM \ .. \ Run: [ATICCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ CLIStart.exe" O4 - HKLM \ .. \ Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" O4 - HKLM \ .. \ Run: [osCheck] "C: \ Program Files \ Norton 360 \ osCheck.exe" O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe" O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaanotif.exe" O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe O4 - HKLM \ .. \ Run: [RoxWatchTray] "C: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxWatchTray9.exe" O4 - HKLM \ .. \ Run: [DMXLauncher] "C: \ Program Files \ Roxio \ Media Experience \ DMXLauncher.exe" O4 - HKLM \ .. \ Run: [RoxioDragToDisc] "C: \ Program Files \ Roxio \ Drag-to-Disc \ DrgToDsc.exe" O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe O4 - HKCU \ .. \ Run: [kattebelletje] C: \ Program Files \ kattebelletje \ Scribble.exe geruisloze O4 - HKCU \ .. \ Run: [OM2_Monitor] "C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ MMonitor.exe" O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE') O4 - Startup: Scheduler.lnk =? O4 - Startup: TracksCleaner.lnk = C: \ Program Files \ GhostSurf Platinum \ TracksCleaner.exe O4 - Global Startup: GhostSurf proxy.lnk = C: \ Program Files \ GhostSurf Platinum \ Proxy.exe O4 - Global Startup: SpyCatcher.lnk = C: \ Program Files \ GhostSurf Platinum \ SpyCatcher.exe O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll O9 - Extra 'Tools' MENUITEM: S & einde aan OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll O9 - Extra button: Onderzoek - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- https: / / fpdownload.macromedia.com / ge...nt / swflash.cab O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll O20 - AppInit_DLLs: secuload.dll O23 - Service: Intel (R) Alert Service (AlertService) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ CCU \ AlertService.exe O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc - C: \ Windows \ system32 \ Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: Symantec Lic Netconnect service (CLTNetCnService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ VAScanner \ comHost.exe O23 - Service: DQLWinService - Onbekende eigenaar - C: \ Program Files \ Common Files \ Intel \ IntelDH \ NMS \ AdpPlugins \ DQLWinService.e xe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Tools \ IntelDHSvcConf.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Intel (R) Software Services Manager (ISSM) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: Intel (R) VIIV (TM) Media Server (M1 Server) - Onbekende eigenaar - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ mediaserver.exe O23 - Service: Intel (R) Application Tracker (MCLServiceATL) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Shells \ MCLServiceATL.exe O23 - Service: Protector - Tenebril Inc - C: \ Program Files \ GhostSurf Platinum \ ProtectorSvc.exe O23 - Service: Intel (R) Remoting Service (Remote UI Service) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Shells \ Remote UI Service.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C: \ Program Files \ Roxio \ Digital Home 9 \ RoxioUPnPRenderer9.exe O23 - Service: Roxio UPnP-server 9 - Sonic Solutions - C: \ Program Files \ Roxio \ Digital Home 9 \ RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxWatch9.exe O23 - Service: stllssvr - Microvision Ontwikkeling, Inc - c: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe O23 - Service: Symantec Core LC - Onbekende eigenaar - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SYMANT ~ 1 \ CCPD-LC \ symlcsvc.exe -- End of file - 9503 bytes |
|
#2
30 november 2008, 13:03
|
|||
|
|||
|
Please help Trojan.SystemDriver gevonden
Welkom bij CJ.
Downloaden Malwarebytes' Anti-Malware (MBAM)
Extra Opmerking: Indien MBAM ontmoetingen een bestand dat is moeilijk te verwijderen, wordt u aangeboden met 1 of 2 wordt gevraagd, klikt u op OK om beide en laat MBAM gaan met de ontsmetting proces, indien gevraagd om de computer te herstarten, doe dat dan meteen. ---------- Downloaden random het systeem informatie-instrument (RSIT) door random / willekeurig uit en sla het op uw bureaublad.
__________________
 |
|
#3
2 december 2008, 04:58
|
|||
|
|||
|
Please help Trojan.SystemDriver gevonden
Hoi, sorry voor rotzooi je rond, ik heb dit op twee site als probeerde om hulp te krijgen.
De andere een zo goed, dus dont want to mess u beiden rond. Dank u toch voor uw aanbod om te helpen. |
|
#4
2 december 2008, 11:59
|
|||
|
|||
|
Please help Trojan.SystemDriver gevonden
Bedankt dat u ons dit dan weten.
__________________
|
