my Security shield??

  • Daniel20

    Dear all,

    Who can help me out? I picked up "my security shield"; my virus scanner has disappeared and I can't get a new one installed. I have tried everything, such as MBAM, Spybot, online scanners, etc.

    MBAM did remove things, but it is still listed in my Security Center as the main scanner.

    And it's a mess to work with :(

    Log:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 23:55:30, on 18-8-2010

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.17080)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\FsUsbExService.Exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\Mdm.exe

    C:\Program Files\Microsoft\Search Enhancement Pack\Seaport\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    C:\WINDOWS\explorer.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\tmp\Mama\Tijdelijke internetbestanden\Content.IE5\EH3XNAA6\sdsetup.exe

    c:\tmp\Mama\is-7N2V0.tmp\sdsetup.tmp

    C:\WINDOWS\system32\msiexec.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\Manon\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://klant.casema.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marktplaats.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O1 - Hosts : 78.46.249.77 www.google.com

    O1 - Hosts : 78.46.249.77 google.com

    O1 - Hosts : 78.46.249.77 google.com.au

    O1 - Hosts : 78.46.249.77 www.google.com.au

    O1 - Hosts : 78.46.249.77 google.be

    O1 - Hosts : 78.46.249.77 www.google.be

    O1 - Hosts : 78.46.249.77 google.com.br

    O1 - Hosts : 78.46.249.77 www.google.com.br

    O1 - Hosts : 78.46.249.77 google.ca

    O1 - Hosts : 78.46.249.77 www.google.ca

    O1 - Hosts : 78.46.249.77 google.ch

    O1 - Hosts : 78.46.249.77 www.google.ch

    O1 - Hosts : 78.46.249.77 google.de

    O1 - Hosts : 78.46.249.77 www.google.de

    O1 - Hosts : 78.46.249.77 google.dk

    O1 - Hosts : 78.46.249.77 www.google.dk

    O1 - Hosts : 78.46.249.77 google.fr

    O1 - Hosts : 78.46.249.77 www.google.fr

    O1 - Hosts : 78.46.249.77 google.ie

    O1 - Hosts : 78.46.249.77 www.google.ie

    O1 - Hosts : 78.46.249.77 google.it

    O1 - Hosts : 78.46.249.77 www.google.it

    O1 - Hosts : 78.46.249.77 google.co.jp

    O1 - Hosts : 78.46.249.77 www.google.co.jp

    O1 - Hosts : 78.46.249.77 google.nl

    O1 - Hosts : 78.46.249.77 www.google.nl

    O1 - Hosts : 78.46.249.77 google.no

    O1 - Hosts : 78.46.249.77 www.google.no

    O1 - Hosts : 78.46.249.77 google.co.nz

    O1 - Hosts : 78.46.249.77 www.google.co.nz

    O1 - Hosts : 78.46.249.77 google.pl

    O1 - Hosts : 78.46.249.77 www.google.pl

    O1 - Hosts : 78.46.249.77 google.se

    O1 - Hosts : 78.46.249.77 www.google.se

    O1 - Hosts : 78.46.249.77 google.co.uk

    O1 - Hosts : 78.46.249.77 www.google.co.uk

    O1 - Hosts : 78.46.249.77 google.co.za

    O1 - Hosts : 78.46.249.77 www.google.co.za

    O1 - Hosts : 78.46.249.77 www.google-analytics.com

    O1 - Hosts : 78.46.249.77 www.bing.com

    O1 - Hosts : 78.46.249.77 search.yahoo.com

    O1 - Hosts : 78.46.249.77 www.search.yahoo.com

    O1 - Hosts : 78.46.249.77 uk.search.yahoo.com

    O1 - Hosts : 78.46.249.77 ca.search.yahoo.com

    O1 - Hosts : 78.46.249.77 de.search.yahoo.com

    O1 - Hosts : 78.46.249.77 fr.search.yahoo.com

    O1 - Hosts : 78.46.249.77 au.search.yahoo.com

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

    O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

    O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: HDAShCut.exe

    O4 - HKCU\..\Run: RTHDCPL.EXE

    O4 - HKLM\..\Run: ALCMTR.EXE

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

    O20 - AppInit_DLLs:

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    -

    End of file - 10918 bytes

  • Daniel20

    Sorry for the weird words, they really were typed correctly.

    Weird???? It should be right.

  • Piet

    Download HostsXpert

    http://www.softpedia.com/progDownload/Hoster-Download-27041.html

    Unzip the program to your Desktop or to a permanent folder on your hard drive.

    Open the folder and double-click Hoster.exe

    Click “Restore MS Hosts File”

    Click “OK” and close the program.

    Then post a new HJT log.

  • Daniel20

    Here it is.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 17:03:33, on 19-8-2010

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.17080)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\csrss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\Program Files\AVG\AVG9\avgchsvx.exe

    C:\Program Files\AVG\AVG9\avgrsx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\AVG\AVG9\avgcsrvx.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\AVG\AVG9\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

    C:\Program Files\AVG\AVG9\avgnsx.exe

    C:\WINDOWS\system32\FsUsbExService.Exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    C:\WINDOWS\System32\alg.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\RTHDCPL.EXE

    C:\PROGRA~1\AVG\AVG9\avgtray.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Documents and Settings\manon\Bureaublad\HijackThis.exe

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    C:\WINDOWS\notepad.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://klant.casema.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marktplaats.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

    O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

    O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

    O4 - HKLM\..\Run: HDAShCut.exe

    O4 - HKLM\..\Run: RTHDCPL.EXE

    O4 - HKLM\..\Run: ALCMTR.EXE

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs:

    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    O23 - Service: ServiceLayer - Nokia. - c:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    End of file - 10603 bytes

  • Piet

    Now go through all the steps in the guide again, and this time actually carry them out.

    Your Windows is not up to date: IE7 instead of IE8.

    Java is an old version: jre1.6.0_03; they are already around 20 by now.

    No online scanner used.

    No new MBAM log.

    In short, there is still quite a bit left for you to do.

  • daniel20

    Hi Piet,

    Here are the logs, everything done.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:50:46, on 19-8-2010

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\Program Files\AVG\AVG9\avgchsvx.exe

    C:\Program Files\AVG\AVG9\avgrsx.exe

    C:\Program Files\AVG\AVG9\avgcsrvx.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\AVG\AVG9\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

    C:\WINDOWS\system32\FsUsbExService.Exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\AVG\AVG9\avgnsx.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\PROGRA~1\AVG\AVG9\avgtray.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\WINDOWS\explorer.exe

    C:\WINDOWS\system32\SearchIndexer.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\Documents and Settings\manon\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://klant.casema.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marktplaats.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

    O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

    O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

    O4 - HKLM\..\Run: HDAShCut.exe

    O4 - HKLM\..\Run: RTHDCPL.EXE

    O4 - HKLM\..\Run: ALCMTR.EXE

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs:

    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    O23 - Service: ServiceLayer - Nokia. - c:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    End of file - 10881 bytes

    Malwarebytes' Anti-Malware 1.46

    www.malwarebytes.org

    Databaseversie: 4449

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 8.0.6001.18702

    19-8-2010 20:44:34

    mbam-log-2010-08-19 (20-44-34).txt

    Scantype: Snelle scan

    Objecten gescand: 144066

    Verstreken tijd: 10 minuut/minuten, 57 seconde(n)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

  • Killerbee

    Close all windows first.

    Open only HJT and click “do a system scan only”.

    Now tick the following lines and click “fix checked”:

    O3 - Toolbar: (no name ) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O3 - Toolbar: (no name ) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    Then post another HJT log.
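
An added example, not part of Killerbee's post and not HijackThis code: a small Python parser that lists the log entries HijackThis marked `(no file)` or `(file missing)`, the kind of leftover entry ticked for fixing above. The sample lines are copied from the logs in this thread; the names `parse_log`, `orphaned` and `report` are this example's own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name ) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: HDAShCut.exe
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
End of file - 10769 bytes
"""

# What the HijackThis section codes used in the sample refer to.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry",
    "O20": "AppInit_DLLs / Winlogon Notify",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^([ORF]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$", re.IGNORECASE)

@dataclass
class Entry:
    section: str          # e.g. "O2"
    detail: str           # everything after "Ox - "
    clsid: Optional[str]  # CLSID in braces, if the entry has one
    orphaned: bool        # target marked "(no file)" or "(file missing)"
    unknown_owner: bool   # O23 service listed with "Unknown owner"

def parse_log(text: str) -> List[Entry]:
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header, process list, "End of file" line, blanks
        section, detail = m.groups()
        clsid = CLSID_RE.search(detail)
        entries.append(Entry(
            section=section,
            detail=detail,
            clsid=clsid.group(0) if clsid else None,
            orphaned=bool(ORPHAN_RE.search(detail)),
            unknown_owner=section == "O23" and " - Unknown owner - " in detail,
        ))
    return entries

def orphaned(entries: List[Entry]) -> List[Entry]:
    return [e for e in entries if e.orphaned]

def report(entries: List[Entry]) -> List[str]:
    # One review line per orphaned entry; review candidates, not verdicts.
    return [f"{e.section} ({SECTIONS.get(e.section, 'other')}): {e.clsid or e.detail}"
            for e in orphaned(entries)]

if __name__ == "__main__":
    print("\n".join(report(parse_log(SAMPLE_LOG))))
```

An entry flagged here is a registry reference whose file is gone; it is a candidate for review, not a sign of infection by itself.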

  • daniel20

    Here you go, Killerbee.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:32:33, on 19-8-2010

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\Program Files\AVG\AVG9\avgchsvx.exe

    C:\Program Files\AVG\AVG9\avgrsx.exe

    C:\Program Files\AVG\AVG9\avgcsrvx.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\AVG\AVG9\avgwdsvc.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

    C:\WINDOWS\system32\FsUsbExService.Exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\AVG\AVG9\avgnsx.exe

    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\WINDOWS\system32\SearchIndexer.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\RTHDCPL.EXE

    C:\PROGRA~1\AVG\AVG9\avgtray.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Documents and Settings\manon\Bureaublad\HijackThis.exe

    C:\WINDOWS\system32\SearchProtocolHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://klant.casema.nl/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marktplaats.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

    O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

    O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll

    O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files\PHPNukeDU\tbPHPN.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

    O4 - HKLM\..\Run: HDAShCut.exe

    O4 - HKLM\..\Run: RTHDCPL.EXE

    O4 - HKLM\..\Run: ALCMTR.EXE

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime

    O4 - HKLM\..\Run: C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs:

    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    O23 - Service: ServiceLayer - Nokia. - c:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    End of file - 10769 bytes

  • Killerbee

    Finally, one more thing.

    Windows XP.

    Right-click My Computer.

    Choose Properties.

    Go to the System Restore tab.

    Tick “Turn off System Restore on all drives”.

    Restart the computer.

    Then turn System Restore back on!

    And let me know how things are now.

  • daniel20

    Hi Killerbee,

    Via Control Panel > Security Center I can still see that under the Virus Protection heading there still appears to be a duplicate scanner.

    Other than that, I don't see any strange things, etc.

    I suspect that “My Security Shield” is still nested in somewhere.

    Is that still possible?

    Regards, Dennis