Vraag & Antwoord

Beveiliging & privacy

Hijack This

5 antwoorden
  • Wie kan mij helpen wat ik moet verwijderen met Hijack This met behulp van de onderstaande log? Ik heb niet zoveel verstand van hoaxen, spyware, enz. Bijvoorbaat dank: Logfile of HijackThis v1.97.7 Scan saved at 21:38:00, on 24-5-2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\GEARSEC.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\Messenger Plus! 2\MsgPlus.exe C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\NORTON~1\navapw32.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\WINDOWS\System32\avhswq.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\VVSN\VVSN.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Creative\TaskBar\CTLTray.exe C:\Program Files\Creative\TaskBar\CTLTask.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\cidaemon.exe C:\WINDOWS\System32\cidaemon.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe C:\PROGRA~1\NORTON~1\navw32.exe C:\Program Files\Norton AntiVirus\QSERVER.EXE C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\inetsrv\DavCData.exe C:\Documents and Settings\Piet\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nld.chello.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\Program Files\ClearSearch\CSIE.DLL (file missing) O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [76986330.exe] C:\WINDOWS\System32\76986330.exe O4 - HKLM\..\Run: [ynjzeixm] C:\WINDOWS\tjvdws.exe O4 - HKLM\..\Run: [EKRXB] C:\WINDOWS\EKRXB.exe O4 - HKLM\..\Run: [FLSYFMSZG] C:\WINDOWS\FLSYFMSZG.exe O4 - HKLM\..\Run: [PVZGMTZ] C:\WINDOWS\PVZGMTZ.exe O4 - HKLM\..\Run: [QEKRELRY] C:\WINDOWS\QEKRELRY.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.4.6.0\WeatherOnTray.exe O4 - HKLM\..\Run: [ogejgcgl] C:\WINDOWS\System32\avhswq.exe O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe O4 - HKLM\..\Run: [zal] C:\WINDOWS\zal.exe O4 - HKLM\..\Run: [Mwsvm] C:\WINDOWS\mwsvm.exe O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe" O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe" O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.accessoveloce.com/mar/x/igmp1f.exe O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/ddm_control.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/1d/player.virtools.com/downloads/player/Install2.1/Installer.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/12119/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
  • Ik ga even kijken voor je.
  • Open je taakmanager en beieindig het proces: VVSN.EXE Draai HijackThis opnieuw en verwijder de volgende items: R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\Program Files\ClearSearch\CSIE.DLL (file missing) O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [76986330.exe] C:\WINDOWS\System32\76986330.exe O4 - HKLM\..\Run: [ynjzeixm] C:\WINDOWS\tjvdws.exe O4 - HKLM\..\Run: [EKRXB] C:\WINDOWS\EKRXB.exe O4 - HKLM\..\Run: [FLSYFMSZG] C:\WINDOWS\FLSYFMSZG.exe O4 - HKLM\..\Run: [PVZGMTZ] C:\WINDOWS\PVZGMTZ.exe O4 - HKLM\..\Run: [QEKRELRY] C:\WINDOWS\QEKRELRY.exe O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.4.6.0\WeatherOnTray.exe O4 - HKLM\..\Run: [ogejgcgl] C:\WINDOWS\System32\avhswq.exe O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe O4 - HKLM\..\Run: [zal] C:\WINDOWS\zal.exe O4 - HKLM\..\Run: [Mwsvm] C:\WINDOWS\mwsvm.exe O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.accessoveloce.com/mar/x/igmp1f.exe O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/ddm_control.CAB O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/1d/player.virtools.com/downloads/player/Install2.1/Installer.exe O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB Herstart nu in veilige modus en met alle bestanden weergeven aan, en verwijder indien aanwezig: C:\WINDOWS\tjvdws.exe <= dit bestand C:\WINDOWS\EKRXB.exe <= dit bestand C:\WINDOWS\FLSYFMSZG.exe <= dit bestand C:\WINDOWS\PVZGMTZ.exe <= dit bestand C:\WINDOWS\QEKRELRY.exe <= dit bestand C:\Program Files\Hotbar <= dit bestand C:\WINDOWS\System32\avhswq.exe <= dit bestand C:\Program Files\VVSN <= dit bestand C:\WINDOWS\zal.exe <= dit bestand C:\WINDOWS\mwsvm.exe <= dit bestand c:\installer\id53.exe <= dit bestand Herstart en zet een nieuw Hijacklog in je volgende bericht.
  • Verplaatst naar Beveiliging & Privacy
  • Enorm bedankt. Het was een supersnelle reactie en alles werkt nu weer prima.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.