Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

nog een logje

jayday
4 antwoorden
  • hier nog een hijackThis log van een vriendin van me…

    Ze kreeg vanalles zoals Casino etc…


    Logfile of HijackThis v1.98.0
    Scan saved at 20:51:04, on 18-7-04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    D:\SYSTEM WORKS\NORTON CLEANSWEEP\CSINJECT.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
    E:\MSN 6.11\MSGPLUS.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\ANVSHELL.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\AVCONSOL.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\COMMON FILES\EACCELERATION\DOWNLOAD.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\NTS\WANADOO CABLE\APP\ENTERNET.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\ACCELERATION SOFTWARE\ANTI-VIRUS\DEFSCANGUI.EXE
    C:\WINDOWS\SYSTEM\ID85255.EXE
    C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
    C:\WINDOWS\SYSTEM\MS7531.EXE
    C:\WINDOWS\SYSTEM\MSCNT.EXE
    C:\WINDOWS\RUNDLL32.EXE
    D:\PROGRAM FILES\WANADOO\UPTODATEMATE\UPTODATEMATE.EXE
    C:\PROGRAM FILES\COMMON FILES\EACCELERATION\SYSTIMER.EXE
    C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
    D:\PROGRAM FILES\E-COLOR\TRUE INTERNET COLOR\TICICON.EXE
    D:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKJOBS.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\PRECISIONTIME\PRECISIONTIME.EXE
    D:\SYSTEM WORKS\NORTON CLEANSWEEP\CSINSM32.EXE
    C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
    D:\System Works\Norton CleanSweep\Monwow.exe
    D:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKTOPASS.EXE
    D:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKSLAPI.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    E:\MSN 6.11\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchbar.linksummary.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freehqmovies.com/enter.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.linksummary.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\SYSTEM\ms7531.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freehqmovies.com/enter.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.freehqmovies.com/search/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.linksummary.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com/searchbar.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freehqmovies.com/enter.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.freehqmovies.com/search/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com/searchbar.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.freehqmovies.com/search/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = C:\WINDOWS\SYSTEM\ms7531.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.freehqmovies.com/enter.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door Cable Wanadoo V1.0b NL
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O1 - Hosts: 216.65.3.76 auto.search.msn.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\PROGRAM FILES\HOTBAR\BIN\4.3.5.0\HBHOSTIE.DLL (file missing)
    O2 - BHO: Testthunkadmin - {48A63C7A-A0F5-9838-2AD2-73B2C0A869AC} - C:\PROGRAM FILES\SKIPLONG\DELETEDALE.DLL
    O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet
    ewdotnet6_30.dll
    O3 - Toolbar: &Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\PROGRAM FILES\HOTBAR\BIN\4.3.5.0\HBHOSTIE.DLL (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: Bits Global Funk - {374E9581-706C-822F-0576-E05BF0933798} - C:\PROGRAM FILES\SKIPLONG\DELETEDALE.DLL
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [Taakcontrole] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [anvshell] anvshell.exe
    O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hpppta.exe /ICON
    O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\Network Associates\McAfee VirusScan\avconsol.exe /minimize
    O4 - HKLM\..\Run: [VsecomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSEcomR.EXE
    O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSSTAT.EXE /SHOWWARNING
    O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [Eac_Download] C:\PROGRAM FILES\COMMON FILES\EACCELERATION\DOWNLOAD.EXE -k
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [KAZAA] D:\KAZAA\KAZAA.EXE /SYSTRAY
    O4 - HKLM\..\Run: [$EnterNet] C:\PROGRAM FILES\NTS\WANADOO CABLE\APP\EnterNet.exe -AutoStart
    O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
    O4 - HKLM\..\Run: [WebScan] C:\PROGRAM FILES\ACCELERATION SOFTWARE\ANTI-VIRUS\DEFSCANGUI.EXE -k
    O4 - HKLM\..\Run: [Id8525] "C:\WINDOWS\SYSTEM\ID85255.EXE"
    O4 - HKLM\..\Run: [No Credit Card] c:\windows\plugin-19-nl.exe /m
    O4 - HKLM\..\Run: [Netherlands_sex] c:\program files\dialers
    etherlands_sex
    etherlands_sex.exe /noconnect
    O4 - HKLM\..\Run: [CMESys] "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
    O4 - HKLM\..\Run: [startl.exe] "C:\PROGRAM FILES\LINGOCOM\startl.exe" ###
    O4 - HKLM\..\Run: [MS7531] "C:\WINDOWS\SYSTEM\MS7531.EXE"
    O4 - HKLM\..\Run: [NPROTECT] D:\System Works\Norton Utilities\NPROTECT.EXE
    O4 - HKLM\..\Run: [Mscnt] c:\windows\system\mscnt.exe /noconnect
    O4 - HKLM\..\Run: [Hotbar] C:\PROGRAM FILES\HOTBAR\BIN\4.3.5.0\HBINST.EXE /Upgrade
    O4 - HKLM\..\Run: [doespeak] C:\WINDOWS\APPLIC~1\slowfreedent\Hopeiso.exe
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\RunServices: [CSINJECT.EXE] D:\System Works\Norton CleanSweep\CSINJECT.EXE
    O4 - HKLM\..\RunServices: [NPROTECT] D:\System Works\Norton Utilities\NPROTECT.EXE
    O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
    O4 - HKLM\..\RunServices: [MessengerPlus3] "E:\MSN 6.11\MsgPlus.exe"
    O4 - HKLM\..\RunOnce: [MPE0] "D:\System Works\Norton CleanSweep\csinsm32.exe" -s "D:\System Works\Norton CleanSweep\IM010280.CIL" rundll32.exe streamci,StreamingDeviceSetup {8E60217D-A2EE-47f8-B0C5-0F44C55F66DC},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINDOWS\INF\mpe.inf,BDAcodec
    O4 - HKCU\..\Run: [UpToDateMate] D:\Program Files\Wanadoo\UpToDateMate\UpToDateMate.exe
    O4 - HKCU\..\Run: [Babylon Translator] D:\Program Files\Babylon\Babylon.exe
    O4 - HKCU\..\Run: [5-1-25-560] c:\windows\5-1-25-560.exe -m
    O4 - HKCU\..\Run: [5-1-26-38] c:\windows\5-1-26-38.exe -m
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\MSN 6.11\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
    O4 - Startup: True Internet Color Icon.lnk = D:\Program Files\E-Color\True Internet Color\TICIcon.exe
    O4 - Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Startup: SonnReg.lnk = D:\Program Files\E-Color\Registration\SonnReg.exe
    O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: PageKeeper Taken.lnk = D:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
    O4 - Startup: 3Deep.lnk = D:\Program Files\E-Color\3Deep\3Deepctl.exe
    O4 - Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
    O4 - Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
    O4 - Startup: Date Manager.lnk = C:\Program Files\ecdc_v403a_up.exe
    O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = D:\System Works\Norton CleanSweep\csinsm32.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
    O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\PROGRAM FILES\LINGOCOM\Translator.lnk (file missing)
    O9 - Extra 'Tools' menuitem: Translator - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\PROGRAM FILES\LINGOCOM\Translator.lnk (file missing)
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra button: Winipcfg - {EA3F4D00-D938-11D4-A0DC-9CD60F37186D} - C:\WINDOWS\WINIPCFG.EXE (HKCU)
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O20 - AppInit_DLLs: APITRAP.DLL

    BVD…


  • Daar staat zo verschrikkelijk veel rotzooi op, dat we eerst opruiming gaan houden.

    Download en update dan Ad-Aware en Spybot, herstart je computer in [b:dc545f9480]veilige modus[/b:dc545f9480] en scan je computer met deze twee programma's.
    Klaar herstart je computer dan.
    Download nu CWShredder. Run het programma en klik op de 'fix-button'.
    Herstart je computer nu.
    Draai nu een nieuw Hijacklog.
    Kopieer en plak de inhoud van dat logbestand in je volgende bericht.

    Dan gaan we de hijacker aanpakken met de lspfix, maar voer eerst bovenstaande uit.
  • Ja sorry het is niet mijn pc e die persoon kan ik waarschijnlijk morgen pas helpen maar tot zover bedankt…
  • babette zeker? :P

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.