Vraag & Antwoord
HJT-logje (Gaat goed zo)
4 antwoorden
- ik heb hier nog een logje, maar even een paar gedaan.. :wink:
Logfile of HijackThis v1.99.1
Scan saved at 17:15:39, on 15-3-05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\LOGITECH\SETPOINT\KEM.EXE
C:\PROGRAM FILES\IOMEGA HOTBURN PRO\AUTOLAUNCH.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\SPOOLSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOLSRV32.EXE
C:\WINDOWS\NVSVWC.EXE
C:\PROGRAM FILES\LOGITECH\SETPOINT\KHALMNPR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\TEMP\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://msn.dll/index
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://msn.dll/msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\TEMP\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://msn.dll/msn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = res://msn.dll/index
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {E5996DA1-9412-11D9-9D75-0050A7DDD318} - C:\WINDOWS\SYSTEM\BDMN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [DU Meter] C:\PROGRAM FILES\DU METER\DUMETER.EXE
O4 - HKLM\..\Run: [AudioHQ] C:\PROGRAM FILES\CREATIVE\SBLIVE\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [FinePrint Dispatcher] C:\WINDOWS\SYSTEM\fpdisp3a.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\KEM.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Security iGuard] C:\PROGRAM FILES\SECURITY IGUARD\SECURITY IGUARD.EXE
O4 - HKLM\..\Run: [hbcl] C:\WINDOWS\HBCL.EXE
O4 - HKLM\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKCU\..\Run: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe
O4 - HKCU\..\Run: [winltmpv] c:\windows\nvsvwc.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.meadroid.com/scriptx/ScriptX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O18 - Filter: text/html - {279D79CD-9559-11D9-9D75-0050DC15FE66} - C:\WINDOWS\SYSTEM\BDMN.DLL
O18 - Filter: text/plain - {279D79CD-9559-11D9-9D75-0050DC15FE66} - C:\WINDOWS\SYSTEM\BDMN.DLL
O21 - SSODL: Sysctl Desktop Handler - {23456789-0000-0020-0900-00AAFF6D2EA4} - C:\WINDOWS\System32\NTOSV.DLL
Ik weet niet precies wat de problemen zijn maar er zouden problemen zijn.. Er zit 98Se op en er zou veel Spyware opzitten die Ad-aware niet weg zou krijgen.. :cry: - Download startdreck.zip.
Dubbelklik op 'StartDreck.exe'
Klik op config.
Klik op Unmark all.
Selecteer alleen de volgende:
- Bij Registry: run keys
- Bij System/drivers: Running processes
Klik op OK.
Er wordt een logje gemaakt. Post de inhoud van dit logje. - firefox is de oplossinghttp://www.mozilla.org/products/firefox/
- Dit kwam eruit, ik heb gelijk gezegd dat hij Mozilla moet installeren..
Logged in as at OEMCOMPUTER
»Registry
»Run Keys
»Current User
»Run
*Srv32 spool service=C:\WINDOWS\System\spoolsrv32.exe
*winltmpv=c:\windows\nvsvwc.exe
»RunOnce
»Default User
»Run
*Srv32 spool service=C:\WINDOWS\System\spoolsrv32.exe
*winltmpv=c:\windows\nvsvwc.exe
»RunOnce
»Local Machine
»Run
*ScanRegistry=c:\windows\scanregw.exe /autorun
*Taakcontrole=c:\windows\taskmon.exe
*SystemTray=SysTray.Exe
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*EnsoniqMixer=starter.exe
*TaskMonitor=c:\windows\taskmon.exe
*COMSMDEXE=comsmd.exe -on
*DU Meter=C:\PROGRAM FILES\DU METER\DUMETER.EXE
*FinePrint Dispatcher=C:\WINDOWS\SYSTEM\fpdisp3a.exe
*Tweak UI=RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
*StillImageMonitor=C:\WINDOWS\SYSTEM\STIMON.EXE
*SetPoint=C:\Program Files\Logitech\SetPoint\KEM.EXE
*Logitech Hardware Abstraction Layer=KHALMNPR.EXE
*Drag'n'Drop_Autolaunch="C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
*LoadQM=loadqm.exe
*hbcl=C:\WINDOWS\HBCL.EXE
*Srv32 spool service=C:\WINDOWS\System\spoolsrv32.exe
*sp=rundll32 C:\TEMP\SE.DLL,DllInstall
+OptionalComponents
+IMAIL
*Installed=1
+MAPI
*NoChange=1
*Installed=1
+MAPI
*NoChange=1
*Installed=1
»RunOnce
»RunServices
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*Machine Debug Manager=C:\WINDOWS\SYSTEM\MDM.EXE
»RunServicesOnce
**so=rundll32 C:\WINDOWS\SCHEDLRG.TXT,DllGetClassObject
»RunOnceEx
»RunServicesOnceEx
»Files
»System/Drivers
»Running Processes
+FF0F6F75=C:\WINDOWS\SYSTEM\KERNEL32.DLL
+FFFF1811=C:\WINDOWS\SYSTEM\MSGSRV32.EXE
+FFFF2F81=C:\WINDOWS\SYSTEM\MPREXE.EXE
+FFFFADFD=C:\WINDOWS\SYSTEM\MDM.EXE
+FFFFBA89=C:\WINDOWS\SYSTEM\mmtask.tsk
+FFFE7959=C:\WINDOWS\RUNDLL32.EXE
+FFFE4BF9=C:\WINDOWS\EXPLORER.EXE
+FFFDD4C5=C:\WINDOWS\TASKMON.EXE
+FFFD7FC9=C:\WINDOWS\SYSTEM\SYSTRAY.EXE
+FFFD3245=C:\WINDOWS\STARTER.EXE
+FFFDC739=C:\WINDOWS\SYSTEM\STIMON.EXE
+FFFDE6CD=C:\PROGRAM FILES\LOGITECH\SETPOINT\KEM.EXE
+FFFC0C5D=C:\PROGRAM FILES\IOMEGA HOTBURN PRO\AUTOLAUNCH.EXE
+FFFC1195=C:\WINDOWS\LOADQM.EXE
+FFFDB4E9=C:\WINDOWS\HBCL.EXE
+FFFC2FE9=C:\WINDOWS\SYSTEM\SPOOLSRV32.EXE
+FFFC3D49=C:\WINDOWS\RUNDLL32.EXE
+FFFC52C1=C:\WINDOWS\SYSTEM\SPOOLSRV32.EXE
+FFFCDA5D=C:\WINDOWS\NVSVWC.EXE
+FFFAC4E1=C:\PROGRAM FILES\LOGITECH\SETPOINT\KHALMNPR.EXE
+FFFA04C1=C:\WINDOWS\SYSTEM\WMIEXE.EXE
+FFF95369=C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
+FFF74909=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
+FFF7DB31=C:\WINDOWS\SYSTEM\DDHELP.EXE
+FFF7B681=C:\WINDOWS\DESKTOP\STARTDRECK\STARTDRECK.EXE
»Application specific
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.