
Commands such as Task Manager and regedit do not work. Am I dealing with a virus?


Anoniem2

Question

Hello,
I have a problem, and since this is my first post I will try to do it neatly.
I have the following problem:
I wanted to clean up my PC again and then came across a hidden folder (I think) that takes up about 5 GB on my PC; I only have 40 GB, so this is annoying.
I googled a bit and found out that I have to make a backup of my registry.
But when I enthusiastically typed regedit into Run, I got the message that it is not a valid Win32 application, and regedit[B].exe[/B] does not work either; then I get the message that it is already in use by another program.
So I thought I would take a look and pressed Ctrl+Alt+Del, and that does not work either! (Right-clicking the taskbar and then choosing Task Manager does not work either.)

Am I dealing with a virus?

I googled a bit and saw that I should post a report with the HijackThis log.
So it follows in the next 3 posts, because otherwise my posts are too long -_-'.
Link to comment

11 replies to this question

Recommended posts

  • 0
in 3 parts again -_-
[CODE]
[B]Logfile of HijackThis v1.99.1
Scan saved at 19:24:27, on 27-2-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)[/B]

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
[/CODE]
Link to comment
  • 0
[CODE]
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\p2pnetworking.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\taskmgr.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
D:\help\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nintendo-europe.com/NOE/nl/NL/home/index.do
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\abobe reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang NL
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [csrs] C:\WINDOWS\system32\csrs.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [rundll23] C:\WINDOWS\system32\rundll23.exe
O4 - HKLM\..\Run: [SCAR updater] C:\WINDOWS\system32\SCAR updater.exe
O4 - HKLM\..\Run: [nicksupdater] C:\windows\updater\nicksupdater.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "D:\Program Files\abobe reader\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\abobe reader\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: taskmgr.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
[/CODE]
Link to comment
  • 0
last one:
[CODE]
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [url]http://spaces.msn.com//PhotoUpload/MsnPUpld.cab[/url]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143563814322[/url]
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - [url]http://www.parallelgraphics.com/bin/cortvrml.cab[/url]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab[/url]
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - [url]http://www.systemrequirementslab.com/sysreqlab.cab[/url]
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: pushow63.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: csrs - csrs.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjnr32 - winjnr32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e mc-110-12-0001291 (file missing)
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
[/CODE]

Thanks in advance for the help and sorry for the triple post.

Zspirit
Link to comment
  • 0
There are some keyloggers in your system, and probably more junk that Symantec has once again overlooked.

O4 - HKLM\..\Run: [rundll23] C:\WINDOWS\system32\rundll23.exe
O4 - HKLM\..\Run: [SCAR updater] C:\WINDOWS\system32\SCAR updater.exe
O4 - HKLM\..\Run: [nicksupdater] C:\windows\updater\nicksupdater.exe

Scan your system with Prevx1.
Download, install, update and scan the whole system.
[URL]http://info.prevx.com/downloadprevx1.asp[/URL]
Link to comment
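A first-pass triage of a HijackThis log like the one posted above can be scripted. This is an added example, not part of the thread and not the method the helper used: it flags executables whose names sit within a small edit distance of a well-known Windows system binary, or that carry such a name outside `C:\WINDOWS\system32`. The list of system binaries and the distance threshold are assumptions, and entries with unrelated names (such as `SCAR updater.exe`) still need manual review.

```python
import ntpath
import re

# Added example: the name list and threshold below are assumptions, not from the thread.
SYSTEM_BINARIES = {"csrss.exe", "svchost.exe", "rundll32.exe", "taskmgr.exe",
                   "lsass.exe", "winlogon.exe", "services.exe", "smss.exe"}
SYSTEM_DIR = r"c:\windows\system32"
EXE_PATH = re.compile(r"[A-Za-z]:\\.*?\.exe", re.IGNORECASE)

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE = r"""
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\taskmgr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [csrs] C:\WINDOWS\system32\csrs.exe
O4 - HKLM\..\Run: [rundll23] C:\WINDOWS\system32\rundll23.exe
O4 - HKLM\..\Run: [SCAR updater] C:\WINDOWS\system32\SCAR updater.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e mc-110-12-0001291 (file missing)
""".strip().splitlines()

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(log_lines, max_distance=2):
    """Return (path, reason) pairs for entries that deserve a closer look."""
    findings = []
    for line in log_lines:
        m = EXE_PATH.search(line)
        if not m:
            continue  # entries without a full .exe path are skipped
        path = m.group(0)
        name, folder = ntpath.basename(path).lower(), ntpath.dirname(path).lower()
        if name in SYSTEM_BINARIES:
            if folder != SYSTEM_DIR:
                findings.append((path, "system binary name outside system32"))
            continue
        closest = min(sorted(SYSTEM_BINARIES), key=lambda k: edit_distance(name, k))
        if edit_distance(name, closest) <= max_distance:
            findings.append((path, "name resembles " + closest))
    return findings

if __name__ == "__main__":
    for path, reason in triage(SAMPLE):
        print(f"{reason}: {path}")
```

A hit is only a reason to inspect the file (signature, hash, location), not a verdict that it is malicious.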
