Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

hijackthis log

M@rc
1 antwoord
  • Ik heb bij een kennis de pc naar gekeken en naar gescaned te hebben met adaware en ewido en uren bezig geweest te zijn met het weg klikken van besmette bestanden (1454) plaats ik hier een log om door iemand te laten checken wat er nog meer verwijdert kan worden op die pc.

    alvast vriendelijk bedankt!!

    Logfile of HijackThis v1.99.1
    Scan saved at 1:28:02 AM, on 4/13/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\Apps\ActivBoard
    hksrv.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32
    vsvc32.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Apps\ActivBoard\MMKeybd.exe C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\@Home veiligheid\AntiVirus\AVRealTime.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe C:\Program Files\LimeWire\LimeWire.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Huub\Local Settings\Temp\Tijdelijke map 1 voor
    hijackthis.zip\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    http://start.home.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
    http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
    Internet Explorer provided by @Home
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyServer = proxy:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    Koppelingen
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe O4 - HKLM\..\Run: [ActivSurf]
    C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
    O4 - HKLM\..\Run: [EPSON Stylus C42 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus
    C42 Series" /O6 "USB001" /M "Stylus C42"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
    -atboottime
    O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto O4 - HKLM\..\Run: [Preventon RealTime Antivirus] C:\Program Files\@Home
    veiligheid\AntiVirus\AVRealTime.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
    /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe"
    /background
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin
    Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [Ocrm] "C:\WINDOWS\System32\MBOLS~1\wuauclt.exe" -vt yazr O4 - HKCU\..\Run: [Uol] C:\Documents and Settings\Huub\Mijn
    documenten\??sembly\?canregw.exe
    O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
    O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} -
    C:\Apps\IECustom\script.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
    C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
    C:\Program Files\Microsoft Money\System\mnyviewer.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger -
    {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
    Files\Messenger\MSMSGS.EXE
    O14 - IERESET.INF: START_PAGE_URL=http://start.home.nl/
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control)
    - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144105684030
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
    http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144105670077
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
    Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {AB9820A0-02A9-11D5-A72F-004F4E002BD6} (JFC Classes) -
    http://igweb07.iamgame.com/java2/cabs/swing.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
    (MsnMessengerSetupDownloadControl Class) -
    http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -
    http://game09.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) -
    http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: Dynamic Directory -
    C:\WINDOWS\system32\l26olcj31fo.dll
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON
    CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: ewido security suite control - ewido networks - C:\Program
    Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program
    Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner -
    C:\Apps\ActivBoard
    hksrv.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
    C:\WINDOWS\System32
    vsvc32.exe
    O23 - Service: SmartLinkService (SLService) - -
    C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) -
    H+H Software GmbH - C:\Program Files\Virtual CD v4
    H+SDK\system\vcssecs.exe
    O23 - Service: wins(WINS) (wins) - Unknown owner -
    C:\WINDOWS\system32\winscntrl.exe (file missing)

    _________________________________________________________________
    Een audiogesprek? Pak Messenger, niet de telefoon
    http://www1.imagine-msn.com/Messenger/Video.aspx



Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.