Anoniem2 Geplaatst: 9 april 2010 Delen Geplaatst: 9 april 2010 [B][I][U][URL=\"http://forum.computeridee.nl/showthread.php?t=63801\"]klik voor het probleem[/URL][/U][/I][/B]\n\nLogfile of Trend Micro HijackThis v2.0.2\nScan saved at 22:33:26, on 9-4-2010\nPlatform: Windows Vista SP2 (WinNT 6.00.1906)\nMSIE: Internet Explorer v8.00 (8.00.6001.18904)\nBoot mode: Normal\n\nRunning processes:\nC:\\Windows\\system32\\Dwm.exe\nC:\\Windows\\Explorer.EXE\nC:\\Windows\\system32\\taskeng.exe\nC:\\Program Files\\Norton Internet Security\\Engine\\17.6.0.32\\ccSvcHst.exe\nC:\\Windows\\System32\\rundll32.exe\nC:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe\nC:\\Windows\\System32\\wpcumi.exe\nC:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\nC:\\Program Files\\Windows Sidebar\\sidebar.exe\nC:\\Program Files\\RocketDock\\RocketDock.exe\nC:\\Windows\\system32\\wbem\\unsecapp.exe\nC:\\Program Files\\Windows Sidebar\\sidebar.exe\nC:\\Program Files\\MessengerDiscovery 2\\MessengerDiscovery 2.exe\nC:\\Windows\\system32\\conime.exe\nC:\\Program Files\\Windows Live\\Contacts\\wlcomm.exe\nC:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe\nC:\\Users\\Melvin_2\\Downloads\\HijackThis.exe\nC:\\Windows\\system32\\SearchFilterHost.exe\n\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://google.nl/[/url]\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]\nO1 - Hosts: ::1 localhost\nO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)\nO2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\\Program Files\\Norton Internet Security\\Engine\\17.6.0.32\\coIEPlg.dll\nO2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\\Program Files\\Norton Internet Security\\Engine\\17.6.0.32\\IPSBHO.DLL\nO2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll\nO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files\\Google\\GoogleToolbarNotifier\\5.4.4525.1752\\swg.dll\nO2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\\PROGRA~1\\mcafee\\siteadvisor\\mcieplg.dll\nO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll\nO2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\\Program Files\\Hotspot Shield\\hssie\\HssIE.dll\nO3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\\PROGRA~1\\mcafee\\siteadvisor\\mcieplg.dll\nO3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\\Program Files\\Norton Internet Security\\Engine\\17.6.0.32\\coIEPlg.dll\nO4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup\nO4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit\nO4 - HKLM\\..\\Run: [SoundMAXPnP] C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe\nO4 - HKLM\\..\\Run: [WPCUMI] C:\\Windows\\system32\\WpcUmi.exe\nO4 - HKLM\\..\\Run: [Malwarebytes Anti-Malware (reboot)] \"C:\\Program Files\\Malwarebytes\' Anti-Malware\\mbam.exe\" /runcleanupscript\nO4 - HKCU\\..\\Run: [DWQueuedReporting] \"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t\nO4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background\nO4 - HKCU\\..\\Run: [Sidebar] C:\\Program Files\\Windows Sidebar\\sidebar.exe\nO4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\nO4 - HKCU\\..\\Run: [RocketDock] \"C:\\Program Files\\RocketDock\\RocketDock.exe\"\nO6 - HKCU\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel present\nO8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEFavClient.dll/AcroIEAppendSelLinks.html\nO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\OFFICE11\\EXCEL.EXE/3000\nO9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\\Program Files\\Norton SystemWorks Basic Edition\\Norton Cleanup\\WCQuick.lnk (file missing)\nO9 - Extra \'Tools\' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\\Program Files\\Norton SystemWorks Basic Edition\\Norton Cleanup\\WCQuick.lnk (file missing)\nO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO10 - Unknown file in Winsock LSP: c:\\windows\\system32\\wpclsp.dll\nO13 - Gopher Prefix: \nO16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - [url]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url]\nO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\\Program Files\\Yahoo!\\Common\\yinsthelper.dll\nO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - [url]http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab[/url]\nO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [url]http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab[/url]\nO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - [url]http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab[/url]\nO16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - [url]http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab[/url]\nO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - [url]http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab[/url]\nO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url]\nO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/url]\nO16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - [url]http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe[/url]\nO16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - [url]http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab[/url]\nO18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\\PROGRA~1\\mcafee\\siteadvisor\\mcieplg.dll\nO23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe\nO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\\Program Files\\Common Files\\Symantec Shared\\ccSvcHst.exe (file missing)\nO23 - Service: Google Update Service (gupdate1c986e7cbeb06f1) (gupdate1c986e7cbeb06f1) - Google Inc. - C:\\Program Files\\Google\\Update\\GoogleUpdate.exe\nO23 - Service: Google Software Updater (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe\nO23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\\Program Files\\Hotspot Shield\\bin\\openvpnas.exe\nO23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\\Program Files\\Hotspot Shield\\HssWPR\\hsssrv.exe\nO23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\\Program Files\\Hotspot Shield\\bin\\HssTrayService.EXE\nO23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\\Program Files\\Hotspot Shield\\bin\\hsswd.exe\nO23 - Service: LiveUpdate - Symantec Corporation - C:\\PROGRA~1\\Symantec\\LIVEUP~1\\LUCOMS~1.EXE\nO23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\\Program Files\\McAfee\\SiteAdvisor\\McSACore.exe\nO23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\\Program Files\\Norton Internet Security\\Engine\\17.6.0.32\\ccSvcHst.exe\nO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\\Program Files\\WinPcap\\rpcapd.exe (file missing)\nO23 - Service: SymSnapService - Symantec - C:\\Program Files\\Norton Ghost\\Shared\\Drivers\\SymSnapService.exe\n\n--\nEnd of file - 8634 bytes Quote Link naar reactie
0 Anoniem2 Geplaatst: 10 april 2010 Auteur Delen Geplaatst: 10 april 2010 Link naar probleem werkt niet...\n\nOverigens zie ik geen schadelijke dingen in de lijst. Misschien wat dingen die je niet noodzakelijk nodig hebt, maar da\'s een ander verhaal. Quote Link naar reactie
0 Anoniem2 Geplaatst: 10 april 2010 Auteur Delen Geplaatst: 10 april 2010 [url=http://forum.computeridee.nl/showthread.php?t=63801][I][U][B]Klik voor het echte probleem[/B][/U][/I][/url] Quote Link naar reactie
0 Anoniem2 Geplaatst: 10 april 2010 Auteur Delen Geplaatst: 10 april 2010 wat doet McAfee siteadvisor op je pc , als je ook norton systemworks hebt , welke 2 missende files heeft in norton cleanup.\nen deze heeft ook wat te maken met iTunes\n \nO23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe\n \nen beter nog , laat een loglezer je hele hijacklog lezen Quote Link naar reactie
0 Anoniem2 Geplaatst: 11 april 2010 Auteur Delen Geplaatst: 11 april 2010 [QUOTE=erikdenhouter;520957][url=http://forum.computeridee.nl/showthread.php?t=63801][I][U][B]Klik voor het echte probleem[/B][/U][/I][/url][/QUOTE]\n\nhaha bedankt:p , al gewijzigd\n\n[QUOTE=tjoekse;520968]wat doet McAfee siteadvisor op je pc , als je ook norton systemworks hebt , welke 2 missende files heeft in norton cleanup.\nen deze heeft ook wat te maken met iTunes\n \nO23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe\n \nen beter nog , laat een loglezer je hele hijacklog lezen[/QUOTE]\n\nsystemworks en siteadvisor zijn toch 2 verschillende dingen? en systemworks heb ik verwijderd..\n\nen die O23 dat is bonjour ook iets van apple Quote Link naar reactie
Vraag
Anoniem2
Link naar reactie
4 antwoorden op deze vraag
Aanbevolen berichten
Om een reactie te plaatsen, moet je eerst inloggen