Vraag & Antwoord

Beveiliging & privacy

Hijack log v1.1

2 antwoorden
  • Logfile of HijackThis v1.99.0 Scan saved at 13:41:19, on 30/12/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\F-Secure\Common\FSM32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe C:\Program Files\Internet Explorer\iexplore.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jnknjgfsbbngjyyqlh.net/lGXvIJTBg_XmvoVqVwUhSfq4a_ACEyWVLc97U/SV3bjyawHeFpD7pKG9yEgJLAN3.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltliwipdqxaegsu.com/lGXvIJTBg_U38hsM_Y2Rp9KGqrwPe0J3SN2JwIqiyk0.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: C:\WINDOWS\lbbho.dll - {E603EAFE-2950-4D72-BBEA-8D8608C87C15} - C:\WINDOWS\lbbho.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [movebags] C:\DOCUME~1\Debora\APPLIC~1\ABOUTS~1\Jump Rect.exe O4 - HKCU\..\Run: [FragPureSiteMove] C:\Documents and Settings\All Users\Application Data\dalespamfragpure\flaw copy.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{22C7AF7B-C6CA-4ABF-A203-D77FD7B78441}: NameServer = 195.238.2.22 195.238.2.21 O23 - Service: F-Secure Automatic Update - Unknown - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - Unknown - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
  • Volgende fixen: [b:992f9fa680]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jnknjgfsbbngjyyqlh.net/lGXvIJTBg_XmvoVqVwUhSfq4a_ACEyWVLc97U/SV3bjyawHeFpD7pKG9yEgJLAN3.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iltliwipdqxaegsu.com/lGXvIJTBg_U38hsM_Y2Rp9KGqrwPe0J3SN2JwIqiyk0.html O2 - BHO: C:\WINDOWS\lbbho.dll - {E603EAFE-2950-4D72-BBEA-8D8608C87C15} - C:\WINDOWS\lbbho.dll [/b:992f9fa680] Daarna in veilige mode C:\WINDOWS\lbbho.dll verwijderen Sjaak

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.