Yet another HijackThis log file ........

4 replies
  • There may be something untoward in my system. Would someone perhaps be willing to comb through the log file below? Thanks in advance! :D :D :D

    Logfile of HijackThis v1.99.1
    Scan saved at 13:15:58, on 5-2-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    G:\WINDOWS\System32\smss.exe
    G:\WINDOWS\system32\winlogon.exe
    G:\WINDOWS\system32\services.exe
    G:\WINDOWS\system32\lsass.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    G:\Program Files\Norton Internet Security\ISSVC.exe
    G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\WINDOWS\Explorer.EXE
    G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    G:\WINDOWS\system32\spoolsv.exe
    G:\Program Files\Executive Software\Diskeeper\DkService.exe
    G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    G:\Program Files\Eset\nod32krn.exe
    G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    G:\WINDOWS\system32\fxssvc.exe
    G:\WINDOWS\System32\wbem\wmiapsrv.exe
    H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    G:\Program Files\hcchulp\v2\hcchulp.exe
    G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    G:\Program Files\Common Files\Symantec Shared\ccApp.exe
    H:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    H:\Program Files\Wallpaper Master\Wallpaper.exe
    G:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    H:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    G:\Program Files\DAP\DAP.EXE
    G:\WINDOWS\system32\taskswitch.exe
    G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe
    G:\Program Files\Strokeit\strokeit.exe
    G:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    G:\WINDOWS\system32\ctfmon.exe
    G:\Program Files\BOINC\boincmgr.exe
    H:\Program Files\MRU-Blaster\scheduler.exe
    G:\Program Files\Microsoft Office\Office10\msoffice.exe
    G:\Program Files\BOINC\boinc.exe
    G:\Program Files\BOINC\projects\setiathome.berkeley.edu\setiathome_4.18_windows_intelx86.exe
    H:\Program Files\MailWasher Pro\MailWasher.exe
    G:\Program Files\MSN Messenger\msnmsgr.exe
    G:\Program Files\Internet Explorer\iexplore.exe
    G:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    G:\Program Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:4001
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - G:\Program Files\DAP\DAPBHO.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - G:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar2.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-xu\msntb.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {0BFDDA12-9C1A-46B8-9681-AFF63C2A1EF0} - (no file)
    O4 - HKLM\..\Run: [WinPatrol] H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    O4 - HKLM\..\Run: [HCChulp] G:\Program Files\hcchulp\v2\hcchulp.exe
    O4 - HKLM\..\Run: [ATIPTA] G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [gcasServ] "H:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "G:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [WallpaperChanger] H:\Program Files\Wallpaper Master\Wallpaper.exe
    O4 - HKLM\..\Run: [SpySweeper] "G:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
    O4 - HKLM\..\Run: [DownloadAccelerator] "G:\Program Files\DAP\DAP.EXE" /STARTUP
    O4 - HKLM\..\Run: [CoolSwitch] G:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\RunOnce: [MRUBlaster] H:\Program Files\MRU-Blaster\indexcleaner.exe -COOKIES
    O4 - HKCU\..\Run: [MagnifyingGlass] G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe /autorun
    O4 - HKCU\..\Run: [StrokeIt] G:\Program Files\Strokeit\strokeit.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] G:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: BOINC Manager.lnk = G:\Program Files\BOINC\boincmgr.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = H:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = H:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Download with &DAP - G:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://g:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://g:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://g:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - G:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Save Flash - res://G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
    O8 - Extra context menu item: Similar Pages - res://g:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://g:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: FreeToGoSwitch - {A888F560-58E4-11d0-A68A-000000000000} - G:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WRNotifier - G:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AutoWhat Registry Service (AutoWhatService) - Ziff Davis Media, Inc. - G:\Program Files\PC Magazine Utilities\AutoWhat\Autoserv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - G:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - G:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - G:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - G:\Program Files\Eset\nod32krn.exe
    O23 - Service: Norton Ghost - Symantec Corporation - G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - G:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - G:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - G:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • You may tick these lines and remove them with HijackThis via the "Fix checked" button:

    O3 - Toolbar: (no name) - {0BFDDA12-9C1A-46B8-9681-AFF63C2A1EF0} - (no file)
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    Apart from that I see no problems in your log. Are there problems with your system?
  • Thanks! My system generally does what I want it to; I just thought something odd might have ended up in it. You see, I sometimes visit sites where you can vote. When I do, I often add not one but 10 or 20 votes (vote stacking). It seems this happens much more often with Firefox than with IE. That is why I asked.
  • On second thought, tick these as well:

    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: FreeToGoSwitch - {A888F560-58E4-11d0-A68A-000000000000} - G:\WINDOWS\System32\shdocvw.dll

    Then close all open windows and click the "Fix checked" button. Restart the computer and delete this folder: H:\Program Files\Desktop Sidebar\
