Vraag & Antwoord

Beveiliging & privacy

Hijackthis log, willen jullie die eens bekijken

3 antwoorden
  • Logfile of HijackThis v1.98.0 Scan saved at 21:52:01, on 23-9-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE C:\Program Files\ahead\InCD\InCD.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE c:\progra~1\intern~1\iexplore.exe C:\WINDOWS\System32\int1.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Download\HijackThis.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sasuttkkepixnsdw.us/fceL7TnwHNI/IJw/9Cvqv_Z0WhXmLHz2FlVcjDvy7Og.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cghzvmmtzcpxijg.net/fceL7TnwHNJceg4aunZEJNEQoM1JKYID/3XdayyT_d7BKEjjtxAi_Zw_UveB15He.html F0 - system.ini: Shell= F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe O4 - HKLM\..\Run: [hpsjbmgr] C:\SCANJET\PrecisionScanLT\hpsjbmgr.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE O4 - HKLM\..\Run: [beep2] C:\PROGRA~1\TRAYLO~1\ATOMAXIS.exe O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe O4 - HKLM\..\Run: [Classes] C:\WINDOWS\System32\int1.exe O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - Startup: ASE Scheduler.lnk = C:\Program Files\Aluria Software\ASE\ASE Scheduler.exe O4 - Startup: Microsoft Office Werkbalk.Lnk = C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
  • ben bezig
  • Open taakbeheer (ctrl + alt + del) en kill dit process: [list:c92f6fa745][b:c92f6fa745]int1.exe[/b:c92f6fa745][/list:u:c92f6fa745] Sluit alle vensters en laat deze fixen: [list:c92f6fa745][b:c92f6fa745]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sasuttkkepixnsdw.us/fceL7TnwHNI/IJw/9Cvqv_Z0WhXmLHz2FlVcjDvy7Og.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cghzvmmtzcpxijg.net/fceL7TnwHNJceg4aunZEJNEQoM1JKYID/3XdayyT_d7BKEjjtxAi_Zw_UveB15He.html O4 - HKLM\..\Run: [Classes] C:\WINDOWS\System32\int1.exe[/b:c92f6fa745][/list:u:c92f6fa745] Scan deze even bij kaspersky:[list:c92f6fa745][b:c92f6fa745]C:\PROGRA~1\TRAYLO~1\ATOMAXIS.exe[/b:c92f6fa745][/list:u:c92f6fa745] Herstart in veilige modus, laat [url=http://users.pandora.be/marcvn/spyware/1117602.htm]alle verborgen bestanden weergeven[/url] en verwijder indien nog aanwezig: [list:c92f6fa745][b:c92f6fa745]C:\WINDOWS\System32\int1.exe <--- deze file[/b:c92f6fa745][/list:u:c92f6fa745] Herstart en post een nieuwe log.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.