Vraag & Antwoord

Beveiliging & privacy

Hijack log

Anoniem
Kjiratsiekoedel
4 antwoorden
  • Zou iemand hier even naar kunnen kijken??

    Bij voorbaat dank!!!

    ====================
    Logfile of HijackThis v1.97.7
    Scan saved at 21:04:22, on 8-7-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32
    vsvc32.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\WINDOWS\System32\PRISMSTA.EXE
    C:\Program Files\SpeedUpMyPC\SpeedUpMyPC.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Power Management\PwrGui.EXE
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\WINDOWS\System32\taskswitch.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\SpeedUpMyPC\helper.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Mark van Katwijk\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic Agent\Web\SearchBar.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SpeedUpMyPC] C:\Program Files\SpeedUpMyPC\SpeedUpMyPC.exe traybar
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PowerManagement] C:\Program Files\Power Management\PwrGui.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\System32\mstask.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &ToolbarCounter search - res://C:\Program Files\ToolbarCounter\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Aanpassen &Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: InvulFormulieren &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Opslaan Formulieren &^ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra 'Tools' menuitem: Launch Copernic Agent (HKLM)
    O9 - Extra button: InvulFormulieren (HKLM)
    O9 - Extra 'Tools' menuitem: InvulFormulieren &] (HKLM)
    O9 - Extra button: Opslaan (HKLM)
    O9 - Extra 'Tools' menuitem: Opslaan Formulieren &^ (HKLM)
    O9 - Extra button: Copernic Agent (HKLM)
    O9 - Extra button: RoboForm (HKLM)
    O9 - Extra 'Tools' menuitem: RoboForm Werkbalk &2 (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS
    pqtplugin4.dll
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS
    pqtplugin3.dll
    O12 - Plugin for ¸æ7: C:\Program Files\Internet Explorer\PLUGINS
    pqtplugin4.dll
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/314f3a1d88bdbdc55415/netzip/RdxIE601.cab
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37794.3371875
    O16 - DPF: {B0A2C7FC-8666-44D6-A990-2FCE3B933341} (ING Bank Autorisatiescherm) - http://secure.ingbank.nl/download/DigiSign.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4288/mcfscan.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D92B9EE6-4E72-4E2B-A53E-AEC518F08A3B}: NameServer = 212.45.32.3,212.43.33.3



  • ik ben bezig
  • O8 - Extra context menu item: &ToolbarCounter search - res://C:\Program Files\ToolbarCounter\toolbar.dll/SEARCH.HTML
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab

    De tweede is je bekend? Zo niet, dan beide items aanvinken en laten fixen.

    Oops…
  • rieske is me voor (ik kon er een niet vinden :oops:)

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.

Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord