Ga naar inhoud

trage laptop


paddepoel

Aanbevolen berichten

  • Reacties 23
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis.

Klik bij "HijackThis Downloads" op "Installer".

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.


2. Klik op de snelkoppeling om HijackThis te starten

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Bijlage 12634)

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

Link naar reactie
Delen op andere sites

  • 2 weken later...

Hallo,

sorry voor het late antwoord, maar hier is het logje:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:43:08, on 4/10/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\Drivers\trcboot.exe

C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE

C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

C:\Program Files\Connected\AgentSrv.EXE

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\iolo\common\lib\ioloServiceManager.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\IBM\Lotus\Notes\nsd.exe

C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINNT\system32\mfevtps.exe

C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

C:\WINNT\System32\srvany.exe

C:\WINNT\system32\mvaservice.exe

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\UltraVNC\WinVNC.exe

C:\WINNT\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

C:\WINNT\system32\CCM\CcmExec.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\WINNT\system32\Drivers\ldlcserv.exe

C:\WINNT\system32\Drivers\ldlcserv6.exe

C:\WINNT\Explorer.EXE

C:\WINNT\stsystra.exe

C:\Program Files\Dell\QuickSet\Quickset.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe

C:\WINNT\system32\ctfmon.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleCrashHandler.exe

C:\Program Files\Connected\CBSysTray.exe

C:\Program Files\Stickies\stickies.exe

C:\Program Files\IBM\Lotus\Notes\NLNOTES.EXE

C:\Program Files\IBM\Lotus\Notes\NCDaemon.exe

C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.1.20090925-1604\win32\x86\notes2.exe

C:\Program Files\IBM\Lotus\Notes\ntaskldr.EXE

C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINNT\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\McAfee\Common Framework\McScript_InUse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet/index.php?page=&langue=nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 301 Moved Permanently

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://10.2.31.212/homenl

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://intranet/proxy.pac

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: DWABrowserHlprObj Class - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\WINNT\system32\dwabho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe

O4 - HKLM\..\Run: [Logon] C:\WINNT\system32\loglogon.exe

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe" /m

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'Default user')

O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe

O4 - Global Startup: Taakbalkpictogram van Connected.LNK = C:\Program Files\Connected\CBSysTray.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINNT\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O15 - Trusted Zone: http://*.intranet

O15 - Trusted IP range: http://192.168.2.1

O15 - ESC Trusted IP range: http://192.168.2.1

O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://mail07-57.finbel.intra/dwa85W.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.minfin.be/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\Software\..\Telephony: DomainName = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\..\{534DD674-1692-4B1B-A718-DAF433AFFF26}: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = finbel.intra

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: schmap-help - (no CLSID) - (no file)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)

O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

O23 - Service: Connected Agent Service (AgentSrv) - Connected Corporation - C:\Program Files\Connected\AgentSrv.EXE

O23 - Service: AppnNode - IBM Corporation - C:\WINNT\system32\Drivers\appnnode.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updateservice (gupdate1c9c883e3eb492) (gupdate1c9c883e3eb492) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: IBM Enterprise Extender (IPv4) (ldlcserv) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv.exe

O23 - Service: IBM Enterprise Extender (IPv6) (ldlcserv6) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv6.exe

O23 - Service: Lotus Notes Diagnostische Service (Lotus Notes Diagnostics) - IBM - C:\Program Files\IBM\Lotus\Notes\nsd.exe

O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINNT\system32\mfevtps.exe

O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

O23 - Service: MVA-Team Service (mvaservice) - Unknown owner - C:\WINNT\System32\srvany.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: Sb2.Printer - Sb2 - C:\WINNT\system32\Sb2.Printer.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: IBM Traceerfunctie (TrcBoot) - IBM Corporation - C:\WINNT\system32\Drivers\trcboot.exe

O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--

End of file - 13313 bytes

Link naar reactie
Delen op andere sites

Ik vermoed dat je deze laptop ook op het werk gebruikt (of gebruikt hebt) want ik zie een aantal zaken die typisch zijn voor een bedrijfsnetwerk.

Die laat ik dus gewoon staan alhoewel die instellingen op je thuisnetwerk wel problemen kunnen geven.

Als je de laptop enkel nog thuis gebruikt, laat het dan weten en dan kunnen we alsnog deze instellingen aanpassen of verwijderen.

Start Hijackthis op. Ben je gebruiker van Vista of windows 7, klik dan met de rechter muisknop op de icoon en kies dan voor “Run as administrator" of "Uitvoeren als administrator".

Selecteer “Do a system scan only”.

Vink alleen de items aan die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 301 Moved Permanently

O18 - Protocol: schmap-help - (no CLSID) - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Plaats een nieuw logje.

Link naar reactie
Delen op andere sites

Hallo,

het toestel wordt inderdaad op een bedrijfsnetwerk gebruikt.

Ik heb HiJackThis laten lopen en krijg een logje waar eigenaardig genoeg het item dat je hiervoor hebt vermeld NIET is opgenomen. Hierbij het logje:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:24:09, on 5/10/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\Drivers\trcboot.exe

C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE

C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

C:\Program Files\Connected\AgentSrv.EXE

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\iolo\common\lib\ioloServiceManager.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\IBM\Lotus\Notes\nsd.exe

C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINNT\system32\mfevtps.exe

C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

C:\WINNT\System32\srvany.exe

C:\WINNT\system32\mvaservice.exe

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\UltraVNC\WinVNC.exe

C:\WINNT\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

C:\WINNT\system32\CCM\CcmExec.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\WINNT\system32\Drivers\ldlcserv.exe

C:\WINNT\system32\Drivers\ldlcserv6.exe

C:\WINNT\Explorer.EXE

C:\WINNT\stsystra.exe

C:\Program Files\Dell\QuickSet\Quickset.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe

C:\WINNT\system32\ctfmon.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleCrashHandler.exe

C:\Program Files\Connected\CBSysTray.exe

C:\Program Files\Stickies\stickies.exe

C:\Program Files\IBM\Lotus\Notes\NLNOTES.EXE

C:\Program Files\IBM\Lotus\Notes\NCDaemon.exe

C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.1.20090925-1604\win32\x86\notes2.exe

C:\Program Files\IBM\Lotus\Notes\ntaskldr.EXE

C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet/index.php?page=&langue=nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Downloads - Programmadownloads zijn gecheckt tegen virus en spyware

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://10.2.31.212/homenl

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://intranet/proxy.pac

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: DWABrowserHlprObj Class - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\WINNT\system32\dwabho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe

O4 - HKLM\..\Run: [Logon] C:\WINNT\system32\loglogon.exe

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe" /m

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'Default user')

O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe

O4 - Global Startup: Taakbalkpictogram van Connected.LNK = C:\Program Files\Connected\CBSysTray.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINNT\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O15 - Trusted Zone: http://*.intranet

O15 - Trusted IP range: http://192.168.2.1

O15 - ESC Trusted IP range: http://192.168.2.1

O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://mail07-57.finbel.intra/dwa85W.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.minfin.be/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\Software\..\Telephony: DomainName = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\..\{534DD674-1692-4B1B-A718-DAF433AFFF26}: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = finbel.intra

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: schmap-help - (no CLSID) - (no file)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)

O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

O23 - Service: Connected Agent Service (AgentSrv) - Connected Corporation - C:\Program Files\Connected\AgentSrv.EXE

O23 - Service: AppnNode - IBM Corporation - C:\WINNT\system32\Drivers\appnnode.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updateservice (gupdate1c9c883e3eb492) (gupdate1c9c883e3eb492) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: IBM Enterprise Extender (IPv4) (ldlcserv) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv.exe

O23 - Service: IBM Enterprise Extender (IPv6) (ldlcserv6) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv6.exe

O23 - Service: Lotus Notes Diagnostische Service (Lotus Notes Diagnostics) - IBM - C:\Program Files\IBM\Lotus\Notes\nsd.exe

O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINNT\system32\mfevtps.exe

O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

O23 - Service: MVA-Team Service (mvaservice) - Unknown owner - C:\WINNT\System32\srvany.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: Sb2.Printer - Sb2 - C:\WINNT\system32\Sb2.Printer.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: IBM Traceerfunctie (TrcBoot) - IBM Corporation - C:\WINNT\system32\Drivers\trcboot.exe

O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--

End of file - 13220 bytes

Link naar reactie
Delen op andere sites

OK; maar de instellingen voor het bedrijfsnetwerk kunnen thuis misschien verbindingsproblemen geven.

Gebruik van lokale toepassingen zal in principe geen probleem zijn maar voor de netwerkverbindingen en browsers worden dus eerst de instellingen voor het bedrijfsnetwerk toegepast. Deze zijn echter onbruikbaar op je thuisnetwerk en geven ofwel foutmeldingen ofwel vertraging.

Ik zie ook dat je IObit Advanced System Care gebruikt.

Heb je dit zelf geinstalleerd of is door het bedrijf opgelegd?

Indien het niet door het bedrijf verplicht is, zou ik het weer verwijderen.

Dergelijke "systeem boosters" doen zo goed als nooit wat ze vooropstellen en in veel gevallen zitten ze vol (veiligheids)lekken en achterpoortjes waardoor de kans op malware besmettingen toeneemt ipv te verminderen.

Op termijn geven deze boosters dikwijls meer problemen dan ze oplossen.

Start Hijackthis op. Ben je gebruiker van Vista of windows 7, klik dan met de rechter muisknop op de icoon en kies dan voor “Run as administrator" of "Uitvoeren als administrator".

Selecteer “Do a system scan only”.

Vink alleen de items aan die hieronder zijn genoemd:

O18 - Protocol: schmap-help - (no CLSID) - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Plaats een nieuw logje.

Link naar reactie
Delen op andere sites

Hallo,

ik heb IoBit Advanced SystemCare verwijderd.

Hetgeen moest verwijderd worden via Fix Checked komt na opnieuw scannen blijkbaar terug. Heb 2 X gescand en verwijderd.

Hierbij een nieuw logje:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:58:38, on 5/10/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\Drivers\trcboot.exe

C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE

C:\Program Files\Connected\AgentSrv.EXE

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\iolo\common\lib\ioloServiceManager.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\IBM\Lotus\Notes\nsd.exe

C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINNT\system32\mfevtps.exe

C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

C:\WINNT\System32\srvany.exe

C:\WINNT\system32\mvaservice.exe

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\UltraVNC\WinVNC.exe

C:\WINNT\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

C:\WINNT\system32\CCM\CcmExec.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\WINNT\system32\Drivers\ldlcserv.exe

C:\WINNT\system32\Drivers\ldlcserv6.exe

C:\WINNT\Explorer.EXE

C:\WINNT\stsystra.exe

C:\Program Files\Dell\QuickSet\Quickset.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINNT\system32\ctfmon.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleCrashHandler.exe

C:\Program Files\Connected\CBSysTray.exe

C:\Program Files\Stickies\stickies.exe

C:\Program Files\IBM\Lotus\Notes\NLNOTES.EXE

C:\Program Files\IBM\Lotus\Notes\NCDaemon.exe

C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.1.20090925-1604\win32\x86\notes2.exe

C:\Program Files\IBM\Lotus\Notes\ntaskldr.EXE

C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe

C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe

C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet/index.php?page=&langue=nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 301 Moved Permanently

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://10.2.31.212/homenl

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://intranet/proxy.pac

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: DWABrowserHlprObj Class - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\WINNT\system32\dwabho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe

O4 - HKLM\..\Run: [Logon] C:\WINNT\system32\loglogon.exe

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe" /m

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'Default user')

O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe

O4 - Global Startup: Taakbalkpictogram van Connected.LNK = C:\Program Files\Connected\CBSysTray.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINNT\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O15 - Trusted Zone: http://*.intranet

O15 - Trusted IP range: http://192.168.2.1

O15 - ESC Trusted IP range: http://192.168.2.1

O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://mail07-57.finbel.intra/dwa85W.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.minfin.be/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\Software\..\Telephony: DomainName = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\..\{534DD674-1692-4B1B-A718-DAF433AFFF26}: Domain = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\..\{D439AA8B-60D6-40E5-B794-7F7E8229E9E5}: NameServer = 10.20.128.201 10.23.142.11

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = finbel.intra

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: schmap-help - (no CLSID) - (no file)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)

O23 - Service: Connected Agent Service (AgentSrv) - Connected Corporation - C:\Program Files\Connected\AgentSrv.EXE

O23 - Service: AppnNode - IBM Corporation - C:\WINNT\system32\Drivers\appnnode.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updateservice (gupdate1c9c883e3eb492) (gupdate1c9c883e3eb492) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: IBM Enterprise Extender (IPv4) (ldlcserv) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv.exe

O23 - Service: IBM Enterprise Extender (IPv6) (ldlcserv6) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv6.exe

O23 - Service: Lotus Notes Diagnostische Service (Lotus Notes Diagnostics) - IBM - C:\Program Files\IBM\Lotus\Notes\nsd.exe

O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINNT\system32\mfevtps.exe

O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

O23 - Service: MVA-Team Service (mvaservice) - Unknown owner - C:\WINNT\System32\srvany.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: Sb2.Printer - Sb2 - C:\WINNT\system32\Sb2.Printer.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: IBM Traceerfunctie (TrcBoot) - IBM Corporation - C:\WINNT\system32\Drivers\trcboot.exe

O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--

End of file - 13063 bytes

Link naar reactie
Delen op andere sites

Ga naar start - alle programma's - bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor uitvoeren als administrator om het opdrachtprompt te openen.

Tik in: sc stop AcrSch2Svc en druk op Enter.

Tik in: sc delete AcrSch2Svc en druk op Enter.

Start hijackthis op als administrator (Rechts klik en dan uitvoeren als administrator).

Probeer dan die ene lijn nogmaals te fixen.

Als het nog niet lukt, probeer het dan in veilige modus en log in met de account administrator.

Link naar reactie
Delen op andere sites

Ik heb de sc delete AcrSch2Svc uitgevoerd. Krijg als antwoord dat delete succesvol was. AcrSch2Svc heeft blijkbaar betrekking op Acronis True Image. Wat is de link met de O18 - Protocol: schmap-help - (no CLSID) - (no file) die moet gefixt worden ?

Heb meermaals Fix Checked uitgevoerd op O18, maar deze blijft in de log verschijnen.

Zie log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:56:28, on 9/10/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\Drivers\trcboot.exe

C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE

C:\Program Files\Connected\AgentSrv.EXE

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\iolo\common\lib\ioloServiceManager.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\IBM\Lotus\Notes\nsd.exe

C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINNT\system32\mfevtps.exe

C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

C:\WINNT\System32\srvany.exe

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\WINNT\system32\mvaservice.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\UltraVNC\WinVNC.exe

C:\WINNT\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

C:\WINNT\system32\CCM\CcmExec.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\WINNT\system32\Drivers\ldlcserv.exe

C:\WINNT\system32\Drivers\ldlcserv6.exe

C:\WINNT\stsystra.exe

C:\Program Files\Dell\QuickSet\Quickset.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINNT\system32\ctfmon.exe

D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleCrashHandler.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\Program Files\Connected\CBSysTray.exe

C:\Program Files\Stickies\stickies.exe

C:\Program Files\IBM\Lotus\Notes\NLNOTES.EXE

C:\Program Files\IBM\Lotus\Notes\NCDaemon.exe

C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.1.20090925-1604\win32\x86\notes2.exe

C:\Program Files\IBM\Lotus\Notes\ntaskldr.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet/index.php?page=&langue=nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 301 Moved Permanently

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://10.2.31.212/homenl

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://intranet/proxy.pac

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: DWABrowserHlprObj Class - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\WINNT\system32\dwabho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe

O4 - HKLM\..\Run: [Logon] C:\WINNT\system32\loglogon.exe

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\pgadebac\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex (User 'Default user')

O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe

O4 - Global Startup: Taakbalkpictogram van Connected.LNK = C:\Program Files\Connected\CBSysTray.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINNT\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O15 - Trusted Zone: http://*.intranet

O15 - Trusted IP range: http://192.168.2.1

O15 - ESC Trusted IP range: http://192.168.2.1

O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://mail07-57.finbel.intra/dwa85W.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.minfin.be/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\Software\..\Telephony: DomainName = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\..\{534DD674-1692-4B1B-A718-DAF433AFFF26}: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = finbel.intra

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = finbel.intra

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = finbel.intra

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: schmap-help - (no CLSID) - (no file)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Connected Agent Service (AgentSrv) - Connected Corporation - C:\Program Files\Connected\AgentSrv.EXE

O23 - Service: AppnNode - IBM Corporation - C:\WINNT\system32\Drivers\appnnode.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updateservice (gupdate1c9c883e3eb492) (gupdate1c9c883e3eb492) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: IBM Enterprise Extender (IPv4) (ldlcserv) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv.exe

O23 - Service: IBM Enterprise Extender (IPv6) (ldlcserv6) - IBM Corporation - C:\WINNT\system32\Drivers\ldlcserv6.exe

O23 - Service: Lotus Notes Diagnostische Service (Lotus Notes Diagnostics) - IBM - C:\Program Files\IBM\Lotus\Notes\nsd.exe

O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINNT\system32\mfevtps.exe

O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

O23 - Service: MVA-Team Service (mvaservice) - Unknown owner - C:\WINNT\System32\srvany.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: Sb2.Printer - Sb2 - C:\WINNT\system32\Sb2.Printer.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: IBM Traceerfunctie (TrcBoot) - IBM Corporation - C:\WINNT\system32\Drivers\trcboot.exe

O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--

End of file - 12430 bytes

Link naar reactie
Delen op andere sites

Er is geen link tussen Acronis en die 018 lijn.

Die 018 lijn zou er zo moeten uitzien.

O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - C:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll

Dit zou komen van de site London - Real-time local buzz of van een toepassing die Schmap Player heet.

Als dit allemaal niets zegt, kijk dan eens in het configuratiescherm bij programma's en onderdelen of deze toepassing geinstalleerd is en probeer deze dan te verwijderen.

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.