Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

alweer een hijackthis logfile ........

None
4 antwoorden
  • Het zou kunnen, dat er ongerechtigheid in mijn systeem zit. Wil misschien iemand onderstaand logfile uitvlooien ? Alvast bedankt! :D :D :D

    Logfile of HijackThis v1.99.1
    Scan saved at 13:15:58, on 5-2-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    G:\WINDOWS\System32\smss.exe
    G:\WINDOWS\system32\winlogon.exe
    G:\WINDOWS\system32\services.exe
    G:\WINDOWS\system32\lsass.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    G:\Program Files\Norton Internet Security\ISSVC.exe
    G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\WINDOWS\Explorer.EXE
    G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    G:\WINDOWS\system32\spoolsv.exe
    G:\Program Files\Executive Software\Diskeeper\DkService.exe
    G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    G:\Program Files\Norton Internet Security\Norton AntiVirus
    avapsvc.exe
    G:\Program Files\Eset
    od32krn.exe
    G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    G:\WINDOWS\system32\fxssvc.exe
    G:\WINDOWS\System32\wbem\wmiapsrv.exe
    H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    G:\Program Files\hcchulp\v2\hcchulp.exe
    G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    G:\Program Files\Common Files\Symantec Shared\ccApp.exe
    H:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    H:\Program Files\Wallpaper Master\Wallpaper.exe
    G:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    H:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    G:\Program Files\DAP\DAP.EXE
    G:\WINDOWS\system32\taskswitch.exe
    G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe
    G:\Program Files\Strokeit\strokeit.exe
    G:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    G:\WINDOWS\system32\ctfmon.exe
    G:\Program Files\BOINC\boincmgr.exe
    H:\Program Files\MRU-Blaster\scheduler.exe
    G:\Program Files\Microsoft Office\Office10\msoffice.exe
    G:\Program Files\BOINC\boinc.exe
    G:\Program Files\BOINC\projects\setiathome.berkeley.edu\setiathome_4.18_windows_intelx86.exe
    H:\Program Files\MailWasher Pro\MailWasher.exe
    G:\Program Files\MSN Messenger\msnmsgr.exe
    G:\Program Files\Internet Explorer\iexplore.exe
    G:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    G:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    G:\Program Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zoeken.nl/?sttname=ie_rsearch
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccmagazine.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.zoeken.nl/?query=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:4001
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - G:\Program Files\DAP\DAPBHO.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - G:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar2.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-xu\msntb.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {0BFDDA12-9C1A-46B8-9681-AFF63C2A1EF0} - (no file)
    O4 - HKLM\..\Run: [WinPatrol] H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    O4 - HKLM\..\Run: [HCChulp] G:\Program Files\hcchulp\v2\hcchulp.exe
    O4 - HKLM\..\Run: [ATIPTA] G:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [gcasServ] "H:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "G:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [WallpaperChanger] H:\Program Files\Wallpaper Master\Wallpaper.exe
    O4 - HKLM\..\Run: [SpySweeper] "G:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
    O4 - HKLM\..\Run: [DownloadAccelerator] "G:\Program Files\DAP\DAP.EXE" /STARTUP
    O4 - HKLM\..\Run: [CoolSwitch] G:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\RunOnce: [MRUBlaster] H:\Program Files\MRU-Blaster\indexcleaner.exe -COOKIES
    O4 - HKCU\..\Run: [MagnifyingGlass] G:\Program Files\Virtual Magnifying Glass\Magnifying Glass.exe /autorun
    O4 - HKCU\..\Run: [StrokeIt] G:\Program Files\Strokeit\strokeit.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.0] G:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: BOINC Manager.lnk = G:\Program Files\BOINC\boincmgr.exe
    O4 - Startup: MRU-Blaster Scheduler.lnk = H:\Program Files\MRU-Blaster\scheduler.exe
    O4 - Startup: MRU-Blaster Silent Clean.lnk = H:\Program Files\MRU-Blaster\mrublaster.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Download with &DAP - G:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://g:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://g:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://g:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - G:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Save Flash - res://G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
    O8 - Extra context menu item: Similar Pages - res://g:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://g:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin
    pjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_02\bin
    pjpi150_02.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: FreeToGoSwitch - {A888F560-58E4-11d0-A68A-000000000000} - G:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - G:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "G:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WRNotifier - G:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AutoWhat Registry Service (AutoWhatService) - Ziff Davis Media, Inc. - G:\Program Files\PC Magazine Utilities\AutoWhat\Autoserv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - G:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - G:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - G:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus
    avapsvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - G:\Program Files\Eset
    od32krn.exe
    O23 - Service: Norton Ghost - Symantec Corporation - G:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - G:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - G:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - G:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - G:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe





  • Deze regels mag je aanvinken en via de knop "Fix checked" verwijderen met HijackThis:
    [b:bfa94a9d32]O3 - Toolbar: (no name) - {0BFDDA12-9C1A-46B8-9681-AFF63C2A1EF0} - (no file)
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)[/b:bfa94a9d32]

    Voor de rest zie ik geen problemen in je log.

    Zijn er problemen met je systeem?
  • Bedankt!
    Mijn systeem doet over het algemeen wel, wat ik graag wil, alleen dacht ik, dat er misschien iets geks in was terechtgekomen. Ik kom n.l. wel eens op sites, waar gestemd kan worden. Als ik dat dan doe, voeg ik vaak niet één, maar 10 of 20 stemmen toe (vote stacking). Het lijkt er op, dat dit met Firefox veel vaker gebeurt dan met IE. Vandaar.
  • Bij nader inzien, vink deze ook maar eens aan:

    [b:c4cec2cc88]O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - H:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: FreeToGoSwitch - {A888F560-58E4-11d0-A68A-000000000000} - G:\WINDOWS\System32\shdocvw.dll[/b:c4cec2cc88]
    Daarna alle open vensters sluiten en op de knop "Fix checked" klikken.

    De computer herstarten en deze map verwijderen:
    H:\Program Files\[b:c4cec2cc88]Desktop Sidebar[/b:c4cec2cc88]\

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.