Yow iedereen
hieronder mijn post van hijackthis log. Zit al geruime tijd met trojans en adware e.d. en krijg ze er niet af. Heb al Panda AV, spyware Doctor (trial), Housecall online virusscan en vundofix gebruikt maar niks help blijkbaar...
Graag jullie mening... thx!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Security\Panda Antivirus 2008\ApvxdWin.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ScanPanel\ScnPanel.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\kevin\Menu Start\Programma's\Opstarten]
Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SoundMan = SOUNDMAN.EXE
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
GSICONEXE = GSICON.EXE
DSLAGENTEXE = dslagent.exe USB
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
OPSE reminder = "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"
WinampAgent = C:\Program Files\Winamp\winampa.exe
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
APVXDWIN = "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s
NBKeyScan = "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
ISTray = "C:\Program Files\Spyware Doctor\pctsTray.exe"
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
[AdobeUpdater]
=
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - C:\WINDOWS\system32\geebc.dll (file missing) - {88F1E83D-9676-43AF-80FF-A4F848EE2965}
{a26c174a-bb39-5618-caf4-dd5d6dcda76b} - C:\WINDOWS\system32\ofxhjeqh.dll (file missing) - {b67adcd6-d5dd-4fac-8165-93bba471c62a}
441465 helper - C:\WINDOWS\system32\441465\441465.dll (file missing) - {d311c486-7d5f-4d73-b791-ee56c47d3b2e}
--------------------------------------------------
Enumerating Download Program Files:
[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan60.ocx
CODEBASE = http://housecall60.trendmicro.com/housecall/xscan60.cab
[ActiveScan 2.0 Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\as2stubie.dll
CODEBASE = http://acs.pandasoftware.com/actives.../as2stubie.cab
[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.microsoft.com/officeup...tent/opuc3.cab
[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MsnPUpld.dll
CODEBASE = http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
[Windows Live Photo Upload Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://dekeevin.spaces.live.com/Phot...d/MsnPUpld.cab
[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get.../ultrashim.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
CODEBASE = http://fpdownload.macromedia.com/pub...sh/swflash.cab
[DownloadManager Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX
CODEBASE = http://dlm.tools.akamai.com/dlmanage...ex-2.2.1.6.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
--------------------------------------------------
End of report, 8.134 bytes
Report generated in 0,078 seconds
Favorieten/bladwijzers