Mivercon Security Forum HijackThis Forum Opgeloste/Inactieve HijackThislogs v
Virus?

 
Waardering:
  • 0 stemmen - gemiddelde waardering is 0
  • 1
  • 2
  • 3
  • 4
  • 5
Virus?
26-12-2011, 22:55 (Dit bericht is het laatst bewerkt op 26-12-2011 om 22:56 door Gringo.)
Bericht: #1
Gringo Offline
Newbie
*
 		Berichten: 2
Lid sinds: Dec 2011
Virus?
Dag beste leden

Ik heb de indruk dat mijn pc redelijk vervuilt is.
Als ik hem scan met men antivirus of antispyware vindt ie wel altijd iets maar het verwijderen van alle gevonden objecten lukt nooit.
Kunnen jullie misschien even checken of er iets ergs inzit ? Icon_razz

Alvast bedankt voor de hulp

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:26, on 26-12-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKLM\..\RunOnce: [SpybotDeletingE2184] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKLM\..\RunOnce: [SpybotDeletingE4927] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKLM\..\RunOnce: [SpybotDeletingE2282] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\data.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingE7182] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\iqu.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingE2894] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
O4 - HKLM\..\RunOnce: [SpybotDeletingE3975] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKLM\..\RunOnce: [SpybotDeletingE9207] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\InstallIQ Updater.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingE3728] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Privacy Policy.url"
O4 - HKLM\..\RunOnce: [SpybotDeletingE2203] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Terms & Conditions.url"
O4 - HKLM\..\RunOnce: [SpybotDeletingE7977] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingE4169] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Free Offers from Freeze.com\control.txt"
O4 - HKLM\..\RunOnce: [SpybotDeletingE9036] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingE4403] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\iqu.xsl"
O4 - HKLM\..\RunOnce: [SpybotDeletingE3537] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\WINDOWS\SchedLgU.Txt"
O4 - HKLM\..\RunOnce: [SpybotDeletingE7186] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\data.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingE9828] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\iqu.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingE3170] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
O4 - HKLM\..\RunOnce: [SpybotDeletingE1256] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKLM\..\RunOnce: [SpybotDeletingE1451] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\InstallIQ Updater.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingE547] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Privacy Policy.url"
O4 - HKLM\..\RunOnce: [SpybotDeletingE2912] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Terms & Conditions.url"
O4 - HKLM\..\RunOnce: [SpybotDeletingE782] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingE5848] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Free Offers from Freeze.com\control.txt"
O4 - HKLM\..\RunOnce: [SpybotDeletingE9289] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingE1873] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\iqu.xsl"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [InstallIQUpdater] "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
O4 - HKCU\..\RunOnce: [SpybotDeletingF4503] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKCU\..\RunOnce: [SpybotDeletingF309] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6403] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\data.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingF980] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\iqu.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3689] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6735] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7771] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\InstallIQ Updater.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2042] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Privacy Policy.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5150] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Terms & Conditions.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9741] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7296] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Free Offers from Freeze.com\control.txt"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4514] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7710] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\iqu.xsl"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7800] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\WINDOWS\SchedLgU.Txt"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4694] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\data.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8977] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\iqu.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9373] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2340] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7063] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\InstallIQ Updater.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingF95] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Privacy Policy.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1458] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Terms & Conditions.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9097] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Documents and Settings\All Users\Menu Start\Programma's\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1937] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Free Offers from Freeze.com\control.txt"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8800] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5272] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\W3i\InstallIQUpdater\iqu.xsl"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: enhanced keyboard driver.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009...ader55.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: Spybot S&D 2 Live Protection Service (SDHookService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

--
End of file - 17844 bytes
Alle berichten van deze gebruiker zoeken
27-12-2011, 00:10
Bericht: #2
miekiemoes Offline
Administrator
*
 		Berichten: 2.135
Lid sinds: Nov 2007
RE: Virus?
Hoi,

Deïnstalleer InstallIQ Updater via software > programma's wijzigen/verwijderen.
Herstart daarna je pc en plaats een nieuw HijackThis log
Heb je toevallig onlangs een screensaver geïnstalleerd? Want deze komen vaak met deze W3i installIQ mee, die niet echt aangeraden is, doch, het is geen virus hoor, gewoon ongewenst.
Microsoft MVP - Consumer Security [Afbeelding: mvp.gif]
Director of Research @ Malwarebytes [Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken
28-12-2011, 15:14 (Dit bericht is het laatst bewerkt op 28-12-2011 om 15:17 door Gringo.)
Bericht: #3
Gringo Offline
Newbie
*
 		Berichten: 2
Lid sinds: Dec 2011
RE: Virus?
(27-12-2011 00:10)miekiemoes schreef:  Hoi,

Deïnstalleer InstallIQ Updater via software > programma's wijzigen/verwijderen.
Herstart daarna je pc en plaats een nieuw HijackThis log
Heb je toevallig onlangs een screensaver geïnstalleerd? Want deze komen vaak met deze W3i installIQ mee, die niet echt aangeraden is, doch, het is geen virus hoor, gewoon ongewenst.



Hey!

Bedankt voor de snelle respons.
Ik excuseer me voor mijn tragere respons Icon_razz had het wat druk met de feestdagen.

Die INstallIQ heb ik verwijdert , persoonlijk weet ik niet hoe dit erop komt. Ben zeker geen voorstander van screensavers enzo...

Verder heb ik hieronder een hjackthis log zoals je vroeg. Bij men vorige had ik eerst gescant met Spybot Search And Desttroy weet niet of dit erg is als je dit doet voor een hjackthis post. Nu is dit niet gebeurt alvast.

Ook heb ik al enkele malen het volgende probleem tegengekomen : dat ik werk op men pc en dan er een blauw scherm op komt dat zegt dat ik te weinig harddisk heb ofzo terwijl ik ruim 200 GB over heb :s
Wil hier een screenshot van plaatsen maar het lukt niet om dat beeld ergens op vast te leggen.

Grtzz

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:58, on 28-12-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: enhanced keyboard driver.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009...ader55.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: Spybot S&D 2 Live Protection Service (SDHookService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

--
End of file - 8372 bytes
Alle berichten van deze gebruiker zoeken
28-12-2011, 15:17
Bericht: #4
miekiemoes Offline
Administrator
*
 		Berichten: 2.135
Lid sinds: Nov 2007
RE: Virus?
Hoi,

Dit ziet er terug OK uit.
Welke problemen zijn er momenteel nog?
Microsoft MVP - Consumer Security [Afbeelding: mvp.gif]
Director of Research @ Malwarebytes [Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken
07-04-2012, 17:01
Bericht: #5
miekiemoes Offline
Administrator
*
 		Berichten: 2.135
Lid sinds: Nov 2007
Inactief
Jammer dat je geen reactie meer hebt gegeven op deze thread..., daarom wordt deze thread verplaatst naar het "Opgeloste/Inactieve HijackThislogs" forum, waar je niet meer kan posten, enkel lezen.

Indien je terug problemen ondervindt in de eerstvolgende dagen, gelieve een PM te sturen naar één van de Moderators of Administrators om deze thread terug te zetten zodat je verder kan geholpen worden.

Bij problemen die opduiken na enkele weken is het beter om een nieuwe thread te starten met een nieuwe log.
Indien er problemen zijn die niks met malware te maken hebben, gelieve een nieuwe thread te starten in het juist forumonderdeel.
Microsoft MVP - Consumer Security [Afbeelding: mvp.gif]
Director of Research @ Malwarebytes [Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken


Ga naar locatie:


Gebruikers die deze discussie lezen: 1 gast(en)