Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

hijackthis log

None
3 antwoorden
  • Wie kan mijn Hijackthis logfile bekijken en beoordelen

    Logfile of HijackThis v1.97.7
    Scan saved at 21:53:01, on 22-9-2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\WINDOWS\System32
    vsvc32.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\mqsvc.exe
    C:\WINDOWS\System32\mqtgsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
    D:\Program Files\SETI@home\SETI@home.exe
    C:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\wincmd\WinCmd32.exe
    D:\Temp\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zdefkwabpiakwnbgtaqjpt.uk/yUq1XmuWftIWuLS7MU58ndh_aCpQhABfYIk3c19e_II.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.netscape.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.home.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.pvxmxvkobiavckjcqetnnc.net/yUq1XmuWftLdwKZSeCzH813GPwDYAGJ7V5P699V_oZd0CGU35g9OKsF1CpRfbaiq.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door @Home
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy:8080
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/Plus18Point/Portal/portal.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://zznvpkocjuxpeb.com/yUq1XmuWftIWuLS7MU58ncmbLYFdzIVWYIk3c19e_II.html
    R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.rujzyrgqkzdvhxenf.org/yUq1XmuWftIWuLS7MU58nVdF_5BKecB_YIk3c19e_II.jpg"); (C:\Program Files\Netscape\Users\kielman\prefs.js)
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://start.home.nl"); (C:\Documents and Settings\Bert\Application Data\Mozilla\Profiles\default\q5np22jl.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_02.src"); (C:\Documents and Settings\Bert\Application Data\Mozilla\Profiles\default\q5np22jl.slt\prefs.js)
    O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {DCF7B65F-D35E-CA8B-903C-5FC5CA8EC0DA} - C:\PROGRA~1\DATAVG~1\Live roam.exe
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0
    l\msntb.dll
    O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKCU\..\Run: [seticlient] D:\Program Files\SETI@home\SETI@home.exe -min
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: ZoneAlarm.lnk = D:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O9 - Extra button: ICQ 4 (HKLM)
    O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O14 - IERESET.INF: START_PAGE_URL=http://start.home.nl/
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095186354592
    O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

  • Deze fixen in hijackthis

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zdefkwabpiakwnbgtaqjpt.uk/yUq1XmuWftIWuLS7MU58ndh_aCpQhABfYIk3c19e_II.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.pvxmxvkobiavckjcqetnnc.net/yUq1XmuWftLdwKZSeCzH813GPwDYAGJ7V5P699V_oZd0CGU35g9OKsF1CpRfbaiq.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/Plus18Point/Portal/portal.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://zznvpkocjuxpeb.com/yUq1XmuWftIWuLS7MU58ncmbLYFdzIVWYIk3c19e_II.html
    R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
    O2 - BHO: (no name) - {DCF7B65F-D35E-CA8B-903C-5FC5CA8EC0DA} - C:\PROGRA~1\DATAVG~1\Live roam.exe
    O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx

    Hmmm.. ik mis hier wel iets, nl. de exe die verantwoordelijk is voor je plus18point, tenzij het weer een
    nieuwe variant is.. en ik die blijkbaar over het hoofd zie..

    Verder pc in veilige mode rebooten en volgende wissen:

    C:\WINDOWS\System32\P2P Networking\ <== deze map
    C:\PROGRA~1\DATAVG~1\Live roam.exe
    C:\Program Files\MyWay\ <== deze map
  • Probeer van tevoren switch te deinstaleren in software in het configuratiescherm,

    Volg de instructies van Miekiemoes op, daarna even herstarten en een nieuwe log posten met deze versie:
    http://www.majorgeeks.com/downloadget.php?id=3155&file=3&evp=3304750663b552982a8baee6434cfc13

    @Miekiemoes, ik zie ook geen ander item van switch, probeer trouwens wel altijd switch in het configuratiescherm onder software eruit te gooien,

    Edit: deze ook fixen, is pretpakket van msn+ in netscape versie,
    [list:6c8def0961][b:6c8def0961]
    N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.rujzyrgqkzdvhxenf.org/yUq1XmuWftIWuLS7MU58nVdF_5BKecB_YIk3c19e_II.jpg"); (C:\Program Files\Netscape\Users\kielman\prefs.js)[/b:6c8def0961][/list:u:6c8def0961]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.