View full version: Hotmail Virus



italianboy
25 March 2011, 17:14
So I've got one of those Hotmail SPAM viruses.

I've already changed my password + secret question and I still have it =/
Scanned for viruses with MBAM, Spybot, Adware and McAfee and nothing...

So here's a HijackThis log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:17, on 25/03/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21297)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\IProsetMonitor.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
D:\WINDOWS\system32\mfevtps.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
D:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
D:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Program Files\McAfee.com\Agent\mcagent.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\uTorrent\uTorrent.exe
D:\Program Files\Softexe\Cursor Hider\CursorHider.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Bureaublad\Downloads\HijackThis.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - d:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110215180821.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O4 - HKLM\..\Run: [mcui_exe] "D:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: Cursor Hider.lnk = D:\Program Files\Softexe\Cursor Hider\CursorHider.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Documents and Settings\DiMeo\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - D:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - D:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 9831 bytes

Rosty
26 March 2011, 08:59
What exactly does it say, then?

italianboy
26 March 2011, 11:56
Usually just a site like this one xxxxxxxxxxxxxxxxxx (DO NOT CLICK)

italianboy
27 March 2011, 13:45
.........

Rosty
28 March 2011, 18:10
.........

Well, I can't do anything with those XXXXXXXXXXs! If you just post the link and replace HTTP with HxxP, I can take a look at it.

italianboy
29 March 2011, 20:43
hxxp://www.mcmotorssrl.com/friends.html

italianboy
2 April 2011, 02:22
Thanks! ;):wall:

Rosty
2 April 2011, 08:41
Thanks! ;):wall:
Sorry, I didn't get an e-mail notification!!! :(

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)

* IMPORTANT !!! Save ComboFix.exe to your Desktop.

Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
Click here (http://www.bleepingcomputer.com/forums/topic114351.html)
If you can't manage to disable them, just continue to the next step.

Double-click ComboFix.exe and follow the prompts on the screen. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.
**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

https://vorming.minatica.be/handleiding/canned_speech/cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

https://vorming.minatica.be/handleiding/canned_speech/rc-auto-done.jpg

Click Yes to continue scanning for malware.

When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

italianboy
2 April 2011, 13:44
ComboFix 11-04-01.01 - DiMeo 02/04/2011 13:08:38.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1022.562 [GMT 2:00]
Gestart vanuit: d:\documents and settings\DiMeo\Bureaublad\ComboFix.exe
AV: McAfee Antivirus en antispyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Aanwezig AV is actief
.
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\windows\system32\logs
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_UacFlt
-------\Service_UacFlt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-03-02 to 2011-04-02 ))))))))))))))))))))))))))))))
.
.
2011-04-02 11:04 . 2011-04-02 11:04 -------- d--h--r- d:\documents and settings\DiMeo\Onlangs geopend
2011-03-26 16:57 . 2011-03-26 16:57 -------- d-----w- d:\program files\Neoretix
2011-03-26 16:57 . 2011-03-26 16:57 -------- d-----w- d:\windows\Downloaded Installations
2011-03-25 21:44 . 2010-11-12 13:17 9344 ----a-w- d:\windows\system32\drivers\mfeclnk.sys
2011-03-25 21:44 . 2010-11-12 13:17 141792 ----a-w- d:\windows\system32\mfevtps.exe
2011-03-25 21:12 . 2011-03-25 21:12 -------- d-----w- d:\windows\system32\wbem\Repository
2011-03-25 19:23 . 2011-03-25 19:23 -------- d-----w- d:\documents and settings\All Users\Application Data\Office Genuine Advantage
2011-03-23 17:09 . 2011-03-23 17:09 -------- d-----w- d:\documents and settings\DiMeo\Application Data\Malwarebytes
2011-03-23 17:09 . 2011-03-23 17:09 -------- d-----w- d:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-23 17:09 . 2010-12-20 17:09 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2011-03-23 17:09 . 2011-03-23 17:09 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2011-03-23 17:09 . 2010-12-20 17:08 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
2011-03-23 14:43 . 2011-03-25 21:12 -------- d-----w- d:\documents and settings\Administrator
2011-03-22 17:22 . 2011-03-22 17:37 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{42E04EE4-AB57-407A-9691-3FFA8B8FEBBE}
2011-03-21 19:39 . 2011-03-21 19:39 -------- d-----w- d:\documents and settings\LocalService\Bureaublad
2011-03-21 18:39 . 2011-03-21 18:39 98392 ----a-w- d:\windows\system32\drivers\SBREDrv.sys
2011-03-21 18:17 . 2011-03-21 18:17 -------- d-----w- d:\documents and settings\DiMeo\Local Settings\Application Data\Sunbelt Software
2011-03-21 18:13 . 2011-03-22 17:36 -------- d-----w- d:\documents and settings\All Users\Application Data\Lavasoft
2011-03-21 18:13 . 2011-03-21 18:13 -------- d-----w- d:\program files\Lavasoft
2011-03-21 18:08 . 2011-03-21 21:31 -------- d-----w- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-03-10 10:38 . 2011-03-10 10:38 -------- d-----w- d:\documents and settings\DiMeo\Application Data\DVDVideoSoftIEHelpers
2011-03-10 10:38 . 2011-03-10 10:38 -------- d-----w- d:\program files\Common Files\DVDVideoSoft
2011-03-10 10:38 . 2011-03-10 10:38 -------- d-----w- d:\program files\DVDVideoSoft
2011-03-06 15:21 . 2011-03-06 15:21 -------- d-----w- d:\program files\Softexe
2011-03-04 18:44 . 2011-03-04 18:44 -------- d-----w- d:\program files\Nuclear Coffee
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-16 19:00 . 2008-12-12 11:30 691560 ----a-w- d:\windows\system32\OGACheckControl.dll
2011-02-16 19:00 . 2011-02-16 19:00 502120 ----a-w- d:\windows\system32\OGAAddin.dll
2011-02-16 18:59 . 2011-02-16 19:00 528744 ----a-w- d:\windows\system32\OGAVerify.exe
2011-02-15 17:48 . 2011-02-15 18:12 485920 ----a-w- d:\windows\system32\nvudisp.exe
2011-02-15 17:48 . 2011-02-15 17:48 155648 ----a-w- d:\windows\system32\nvcodins.dll
2011-02-15 17:48 . 2011-02-15 17:48 155648 ----a-w- d:\windows\system32\nvcod.dll
2011-02-15 17:08 . 2011-02-15 17:09 73728 ----a-w- d:\windows\system32\javacpl.cpl
2011-02-15 17:08 . 2011-02-15 17:09 472808 ----a-w- d:\windows\system32\deployJava1.dll
2011-02-09 13:54 . 2008-04-14 20:32 270848 ----a-w- d:\windows\system32\sbe.dll
2011-02-09 13:54 . 2008-04-14 20:32 186880 ----a-w- d:\windows\system32\encdec.dll
2011-02-02 07:58 . 2011-02-15 00:33 2067456 ----a-w- d:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2011-02-15 00:33 677888 ----a-w- d:\windows\system32\mstsc.exe
2011-01-25 17:54 . 2011-02-15 01:23 6321768 ----a-w- d:\windows\system32\drivers\RtkHDAud.sys
2011-01-24 12:29 . 2011-02-15 17:48 1284712 ----a-w- d:\windows\RtlExUpd.dll
2011-01-21 17:27 . 2011-02-15 01:23 20026472 ----a-w- d:\windows\RTHDCPL.EXE
2011-01-21 14:42 . 2008-04-14 20:32 441856 ----a-w- d:\windows\system32\shimgvw.dll
2011-01-11 21:04 . 2011-01-11 21:04 183296 ----a-w- d:\windows\system32\Ncs2Setp.dll
2011-01-11 20:56 . 2011-01-11 20:56 659576 ----a-w- d:\windows\system32\ncs2dmix.dll
2011-01-11 20:56 . 2011-01-11 20:56 514168 ----a-w- d:\windows\system32\accesor.dll
2011-01-11 20:25 . 2011-01-11 20:25 135288 ----a-w- d:\windows\system32\ncs2instutility.dll
2011-01-11 20:01 . 2011-01-11 20:01 1930360 ----a-w- d:\windows\system32\ncscolib.dll
2011-01-11 12:51 . 2011-02-16 14:29 266440 ----a-w- d:\windows\system32\PROUnstl.exe
2011-01-08 03:27 . 2011-02-16 14:34 941160 ----a-w- d:\windows\system32\nvdispco322090.dll
2011-01-08 03:27 . 2011-02-16 14:34 837736 ----a-w- d:\windows\system32\nvgenco322040.dll
2011-01-08 03:27 . 2011-02-16 14:34 61440 ----a-w- d:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2011-02-16 14:34 13004800 ----a-w- d:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2011-02-15 17:48 4980736 ----a-w- d:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2011-02-15 17:48 2916968 ----a-w- d:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2011-02-15 17:48 2251368 ----a-w- d:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2011-02-15 17:48 14671872 ----a-w- d:\windows\system32\nvoglnt.dll
2011-01-08 03:27 . 2011-02-15 17:48 1958400 ----a-w- d:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2011-02-15 01:19 9888672 ----a-w- d:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2011-02-15 01:19 6397824 ----a-w- d:\windows\system32\nv4_disp.dll
2011-01-07 18:58 . 2011-01-07 18:58 282624 ----a-w- d:\windows\system32\nvrsel.dll
2011-01-07 18:58 . 2011-01-07 18:58 274432 ----a-w- d:\windows\system32\nvrsesm.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- d:\windows\system32\nvrsth.dll
2011-01-07 18:58 . 2011-01-07 18:58 249856 ----a-w- d:\windows\system32\nvrseng.dll
2011-01-07 18:58 . 2011-01-07 18:58 126976 ----a-w- d:\windows\system32\nvrszht.dll
2011-01-07 18:58 . 2011-01-07 18:58 331776 ----a-w- d:\windows\system32\nvrshe.dll
2011-01-07 18:58 . 2011-01-07 18:58 286720 ----a-w- d:\windows\system32\nvrsfr.dll
2011-01-07 18:58 . 2011-01-07 18:58 274432 ----a-w- d:\windows\system32\nvrsnl.dll
2011-01-07 18:58 . 2011-01-07 18:58 270336 ----a-w- d:\windows\system32\nvrsru.dll
2011-01-07 18:58 . 2011-01-07 18:58 262144 ----a-w- d:\windows\system32\nvrshu.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- d:\windows\system32\nvrssl.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- d:\windows\system32\nvrsda.dll
2011-01-07 18:58 . 2011-01-07 18:58 249856 ----a-w- d:\windows\system32\nvrsfi.dll
2011-01-07 18:58 . 2011-01-07 18:58 229376 ----a-w- d:\windows\system32\nvrszhc.dll
2011-01-07 18:58 . 2011-01-07 18:58 335872 ----a-w- d:\windows\system32\nvrsar.dll
2011-01-07 18:58 . 2011-01-07 18:58 282624 ----a-w- d:\windows\system32\nvrses.dll
2011-01-07 18:58 . 2011-01-07 18:58 278528 ----a-w- d:\windows\system32\nvrsde.dll
2011-01-07 18:58 . 2011-01-07 18:58 270336 ----a-w- d:\windows\system32\nvrsptb.dll
2011-01-07 18:58 . 2011-01-07 18:58 266240 ----a-w- d:\windows\system32\nvrsko.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- d:\windows\system32\nvrstr.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- d:\windows\system32\nvrssk.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- d:\windows\system32\nvrssv.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- d:\windows\system32\nvrsno.dll
2011-01-07 18:58 . 2011-01-07 18:58 249856 ----a-w- d:\windows\system32\nvrscs.dll
2011-01-07 18:58 . 2011-01-07 18:58 282624 ----a-w- d:\windows\system32\nvrsit.dll
2011-01-07 18:58 . 2011-01-07 18:58 274432 ----a-w- d:\windows\system32\nvrspt.dll
2011-01-07 18:58 . 2011-01-07 18:58 270336 ----a-w- d:\windows\system32\nvrsja.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- d:\windows\system32\nvrspl.dll
2011-01-07 18:58 . 2011-01-07 18:58 81920 ----a-w- d:\windows\system32\nvwddi.dll
2011-01-07 18:58 . 2011-01-07 18:58 580200 ----a-w- d:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 18:58 . 2011-01-07 18:58 277608 ----a-w- d:\windows\system32\nvmccs.dll
2011-01-07 18:58 . 2011-01-07 18:58 156776 ----a-w- d:\windows\system32\nvsvc32.exe
2011-01-07 18:58 . 2011-01-07 18:58 145000 ----a-w- d:\windows\system32\nvcolor.exe
2011-01-07 18:58 . 2011-01-07 18:58 13880424 ----a-w- d:\windows\system32\nvcpl.dll
2011-01-07 18:58 . 2011-01-07 18:58 111208 ----a-w- d:\windows\system32\nvmctray.dll
2011-01-07 14:09 . 2008-04-14 20:30 290048 ----a-w- d:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2011-03-24 399736]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="d:\program files\McAfee.com\Agent\mcagent.exe" [2011-01-17 1193848]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
.
d:\documents and settings\DiMeo\Menu Start\Programma's\Opstarten\
Cursor Hider.lnk - d:\program files\Softexe\Cursor Hider\CursorHider.exe [2007-12-27 498688]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- d:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
.
S0 Lbd;Lbd;d:\windows\system32\DRIVERS\Lbd.sys --> d:\windows\system32\DRIVERS\Lbd.sys [?]
S1 mfetdi2k;McAfee Inc. mfetdi2k;d:\windows\system32\drivers\mfetdi2k.sys [15/02/2011 19:08 84072]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;d:\windows\system32\IPROSetMonitor.exe [16/02/2011 16:29 109728]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [23/03/2011 19:09 363344]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [25/03/2011 23:54 271480]
S2 McMPFSvc;McAfee Personal Firewall Service;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [25/03/2011 23:54 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [25/03/2011 23:54 271480]
S2 mfefire;McAfee Firewall Core Service;d:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [25/03/2011 23:44 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;d:\windows\system32\mfevtps.exe [25/03/2011 23:44 141792]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1/03/2010 21:03 1047880]
S3 Cap713x;Cap713x Video Capture;d:\windows\system32\drivers\Cap713x.sys [16/02/2011 16:32 751104]
S3 cfwids;McAfee Inc. cfwids;d:\windows\system32\drivers\cfwids.sys [15/02/2011 19:08 55840]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [23/03/2011 19:09 20952]
S3 mfefirek;McAfee Inc. mfefirek;d:\windows\system32\drivers\mfefirek.sys [15/02/2011 19:08 313288]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;d:\windows\system32\drivers\mfendisk.sys [15/02/2011 19:08 88544]
S3 mfendiskmp;mfendiskmp;d:\windows\system32\drivers\mfendisk.sys [15/02/2011 19:08 88544]
S3 mferkdet;McAfee Inc. mferkdet;d:\windows\system32\drivers\mferkdet.sys [15/02/2011 19:08 84264]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [24/02/2010 14:41 10064]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
.
2011-03-23 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-308236825-1177238915-1005Core.job
- d:\documents and settings\DiMeo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-15 06:55]
.
2011-04-02 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-308236825-1177238915-1005UA.job
- d:\documents and settings\DiMeo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-15 06:55]
.
2011-03-27 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-308236825-1177238915-1006Core.job
- d:\documents and settings\Mario\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-16 15:41]
.
2011-04-02 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-308236825-1177238915-1006UA.job
- d:\documents and settings\Mario\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-16 15:41]
.
.
------- Bijkomende Scan -------
.
uStart Page = www.google.nl
IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - d:\documents and settings\DiMeo\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-02 13:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************

--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(1128)
d:\windows\system32\msi.dll
d:\windows\system32\portabledeviceapi.dll
d:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
d:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.NLD
d:\program files\Microsoft Silverlight\xapauthenticodesip.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
d:\progra~1\mcafee.com\agent\mcagent.exe
.
**************************************************************************
.
Voltooingstijd: 2011-04-02 13:24:19 - machine werd herstart
ComboFix-quarantined-files.txt 2011-04-02 11:24
.
Pre-Run: 117.629.222.912 bytes beschikbaar
Post-Run: 118.650.540.032 bytes beschikbaar
.
- - End Of File - - D2154D39B6CAC843A1A169EC5F65F877

Rosty
2 April 2011, 16:18
Could I also have a new HijackThis log?

italianboy
2 April 2011, 18:48
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:47:00, on 2/04/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21297)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\IProsetMonitor.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
D:\WINDOWS\system32\mfevtps.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
D:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
D:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Program Files\McAfee.com\Agent\mcagent.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\uTorrent\uTorrent.exe
D:\Program Files\Softexe\Cursor Hider\CursorHider.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\DiMeo\Bureaublad\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - d:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110326093204.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [mcui_exe] "D:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: Cursor Hider.lnk = D:\Program Files\Softexe\Cursor Hider\CursorHider.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Documents and Settings\DiMeo\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - D:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - D:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 9524 bytes

Rosty
3 April 2011, 08:40
Hi hi hi,

Just what I suspected!! You are using, or were using, a crack for Windows!! And I can see that from this line: O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)

Hopefully you are rid of those mails, but as long as you use an illegal version of Windows, for us it is like mopping the floor with the tap wide open!!!!

italianboy
3 April 2011, 09:46
I knew that too ;)
But it doesn't contain a virus or anything like that.

Is this a reason not to help me any further?

Rosty
3 April 2011, 09:53
I knew that too ;)
But it doesn't contain a virus or anything like that.

Is this a reason not to help me any further?
Since this line does not appear in your first HijackThis log, I suspect you wanted to hide it! From the CF log I can see that this line is/was present, and that is why I asked for a new HijackThis log.
It is not a reason to stop helping you, but this is a matter of principle!! The time we as helpers have to spend on "cracked software" is time we cannot spend on others who need help!!
Are you still getting those mails now? Otherwise, try removing MSN completely and then reinstalling it; that usually does the trick!
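
The log reading described in Rosty's two replies above (spotting the O20 "(file missing)" line, and noticing a line that is present in one log but absent from an earlier one), as an added example that is not part of the thread. The function names and the trimmed sample logs are constructed for illustration.

```python
import re

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")

# Constructed samples: a few lines taken from the log in this thread. EARLIER
# omits the O20 line to mimic the first log described in the reply.
LATER = r"""
Running processes:
D:\WINDOWS\system32\ctfmon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.nl
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
"""
EARLIER = "\n".join(l for l in LATER.splitlines() if not l.startswith("O20"))


def parse_entries(log_text):
    """Return [(code, body)] for entry lines; header and process lines are skipped."""
    matches = (ENTRY_RE.match(line.strip()) for line in log_text.splitlines())
    return [(m.group("code"), m.group("body")) for m in matches if m]


def triage(entries):
    """Return [(code, body, reasons)] for entries that deserve a manual look."""
    findings = []
    for code, body in entries:
        reasons = []
        if body.endswith("(file missing)"):
            reasons.append("registry entry references a file that is not on disk")
        if code == "O20":
            reasons.append("DLL registered to load via Winlogon Notify or AppInit_DLLs")
        if reasons:
            findings.append((code, body, reasons))
    return findings


def only_in_later(earlier_log, later_log):
    """Entries present in the later log but absent from the earlier one."""
    seen = set(parse_entries(earlier_log))
    return [e for e in parse_entries(later_log) if e not in seen]


if __name__ == "__main__":
    for code, body, reasons in triage(parse_entries(LATER)):
        print(f"{code}: {body}\n    " + "; ".join(reasons))
    print("New since earlier log:", only_in_later(EARLIER, LATER))
```
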

italianboy
3 April 2011, 12:42
Nope, I installed Windows XP 30 days ago and I had a 30-day trial, so I didn't need to use a crack yet.
By the way, I do have a legal serial, but it doesn't work (no idea why).

Do you see anything else suspicious in my log?

Juisterr
3 April 2011, 14:23
Sorry for butting in, but apparently it doesn't matter to you at all that you have an illegal version? It does to us, so I feel obliged to deny you further help until you have demonstrably made your Windows legitimate.
So I am closing this topic.