Vraag & Antwoord

Beveiliging & privacy

Hijack Log

Anoniem
None
4 antwoorden
 • Dat begrijp ik.
  Maar welke problemen ondervind je, of vermoed je besmet te zijn?
 • Hier is mijn eerste log, van een (zeer) oude (1999) computer en niet diegene waar ik vandaag al over geschreven heb (firewall en MWM)

  Logfile of HijackThis v1.98.2
  Scan saved at 19:34:17, on 23-10-04
  Platform: Windows 98 SE (Win9x 4.10.2222A)
  MSIE: Internet Explorer v6.00 (6.00.2600.0000)

  Running processes:
  C:\WINDOWS\SYSTEM\KERNEL32.DLL
  C:\WINDOWS\SYSTEM\MSGSRV32.EXE
  C:\WINDOWS\SYSTEM\MPREXE.EXE
  C:\WINDOWS\SYSTEM\mmtask.tsk
  C:\WINDOWS\SYSTEM\MSTASK.EXE
  C:\WINDOWS\SYSTEM\MDM.EXE
  D:\AVG GRATIS VIRUSSCANNER\AVGSERV9.EXE
  C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
  C:\WINDOWS\EXPLORER.EXE
  C:\WINDOWS\TASKMON.EXE
  C:\WINDOWS\SYSTEM\SYSTRAY.EXE
  C:\WINDOWS\SYSTEM\HPSJVXD.EXE
  C:\WINDOWS\SYSTEM\STIMON.EXE
  C:\WINDOWS\SYSTEM\QTTASK.EXE
  C:\WINDOWS\LOADQM.EXE
  D:\AVG GRATIS VIRUSSCANNER\AVGCC32.EXE
  C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\NL\MSNAPPAU.EXE
  D:\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
  C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE
  C:\WINDOWS\SYSTEM\WMIEXE.EXE
  C:\WINDOWS\SYSTEM\RNAAPP.EXE
  C:\WINDOWS\SYSTEM\TAPISRV.EXE
  C:\WINDOWS\SYSTEM\DDHELP.EXE
  C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.nl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.nl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  F1 - win.ini: run=hpfsched
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
  O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\NL\MSNTB.DLL
  O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
  O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\NL\MSNTB.DLL
  O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
  O4 - HKLM\..\Run: [Taakcontrole] C:\WINDOWS\taskmon.exe
  O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
  O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
  O4 - HKLM\..\Run: [HPSCANMonitor] C:\WINDOWS\SYSTEM\hpsjvxd.exe
  O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
  O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
  O4 - HKLM\..\Run: [LoadQM] loadqm.exe
  O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
  O4 - HKLM\..\Run: [AVG_CC] D:\AVGGRA~1\avgcc32.exe /STARTUP
  O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\nl\msnappau.exe"
  O4 - HKLM\..\Run: [Zone Labs Client] "D:\Zone Labs\ZoneAlarm\zlclient.exe"
  O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
  O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
  O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
  O4 - HKLM\..\RunServices: [Avgserv9.exe] D:\AVGGRA~1\Avgserv9.exe
  O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
  O4 - Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\Encoder\WMENCAGT.EXE
  O8 - Extra context menu item: &Download with &DAP - dapextie.htm
  O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
  O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.nl
  O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://eamsg03.saxion.nl/iNotes.cab
  O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
  O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw10fd.law10.hotmail.msn.com/activex/HMAtchmt.ocx

  BVD
 • Wat is het probleem?
 • Ik zou graag willen dat mensen mij helpen met het beoordelen van deze log en aangeven of er niet gewenste zaken inzitten.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.