Vraag & Antwoord

Beveiliging & privacy

weer een computer met problemen

2 antwoorden
  • dit keer bij mijn vader hierbij de hjt log Logfile of HijackThis v1.97.7 Scan saved at 16:02:26, on 18-1-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Apps\ActivBoard\nhksrv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\system32\drivers\dcfssvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\norton antivirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Hewlett-Packard\hp print screen utility\PrnSys.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe C:\WINDOWS\Twain_32\FlatBed\HotKey.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Corel\WordPerfect Office 2000\programs\dad9.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\cidaemon.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\DEBRAA~1\LOCALS~1\Temp\Rar$EX01.687\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.defaultsearch.com/search/69E3ECB948C14E1F8A3503F1F7690EF6/1033/ie/searchmn.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.defaultsearch.com/search/69E3ECB948C14E1F8A3503F1F7690EF6/1033/ie/searchba.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.defaultsearch.com/search/69E3ECB948C14E1F8A3503F1F7690EF6/1033/ie/searchmn.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.defaultsearch.com/search/69E3ECB948C14E1F8A3503F1F7690EF6/1033/ie/searchmn.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.defaultsearch.com/search/69E3ECB948C14E1F8A3503F1F7690EF6/1033/ie/searchcs.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.defaultsearch.com/search/69E3ECB948C14E1F8A3503F1F7690EF6/1033/ie/searchsa.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.wanadoo.nl/ O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Surfairy - {BB9AAAF3-4F8D-48B5-A565-FF3E58433DC2} - C:\Program Files\Surfairy\SurfairyHlp.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [PrnSys Executable] C:\Program Files\Hewlett-Packard\hp print screen utility\PrnSys.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe O4 - Global Startup: Desktop Application Director 9.LNK = C:\Program Files\Corel\WordPerfect Office 2000\programs\dad9.exe O4 - Global Startup: Kodak EasyShare Software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Packard Bell (HKLM) O9 - Extra button: Suggestions (HKLM) O9 - Extra button: Onderzoek (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: Money Viewer (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O9 - Extra button: Winipcfg (HKCU) O9 - Extra button: Help (HKCU) O9 - Extra button: Website (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.nl/ O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {4FDD0CE2-5B46-4945-BD7D-E9D89B15E538} (ReVampMain Control) - http://kitcentral.wanadoo.nl/download/install/win32/nl/revamp/revamp.dll O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37646.4182291667 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C5D4DF0D-16FA-4195-BE91-B68894FC9B31}: NameServer = 194.134.5.5 194.134.5.55
  • Wat is het probleem juist? Als gescand met spybot en Adaware?

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.