Tanja1968
Meubilair
- Lid geworden
- 29 sep 2002
- Berichten
- 7.918
Wie wil het log nakijken van een radeloze kennis van me? Internet is supertraag, veel popups en virussen die niet weg willen.
Ben er zelf ook al enige uren mee bezig geweest maar het log laat ik liever aan de experts over.
Logfile of HijackThis v1.98.2
Scan saved at 19:17:43, on 31-10-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\System32\winssv.exe
C:\WINDOWS\System32\windowsupdate.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\regexpress.exe
C:\WINDOWS\System32\windnsd.exe
C:\WINDOWS\System32\servicelog.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\csrss32.exe
C:\WINDOWS\System32\firewallsp2.exe
C:\WINDOWS\System32\systemm.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\Eigenaar\Application Data\ress.exe
C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pagina.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Program Files\YourSiteBar\ysb.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [Windows SSL File] winssv.exe
O4 - HKLM\..\Run: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKLM\..\Run: [Windows Registry Express Loader] regexpress.exe
O4 - HKLM\..\Run: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\wintro32.exe
O4 - HKLM\..\Run: [Microsoft Firewall] firewallsp2.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [USB Device] servicelog.exe
O4 - HKLM\..\Run: [MsUpdater Frequence] udpfra.exe
O4 - HKLM\..\Run: [Microsoft update service] systemm.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Windows DNS Daemon] windnsd.exe
O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe
O4 - HKLM\..\RunServices: [Windows SSL File] winssv.exe
O4 - HKLM\..\RunServices: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKLM\..\RunServices: [Windows Registry Express Loader] regexpress.exe
O4 - HKLM\..\RunServices: [Windows DNS Daemon] windnsd.exe
O4 - HKLM\..\RunServices: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKLM\..\RunServices: [alt CTRLx Shift] et3rd.exe
O4 - HKLM\..\RunServices: [Auto Update] AUP.exe
O4 - HKLM\..\RunServices: [Microsoft Firewall] firewallsp2.exe
O4 - HKLM\..\RunServices: [Microsoft None] Sea.exe
O4 - HKLM\..\RunServices: [Microsoft update service] systemm.exe
O4 - HKLM\..\RunServices: [USB Device] servicelog.exe
O4 - HKLM\..\RunServices: [Windows Update Manager for NT] wupdmgr32.exe
O4 - HKLM\..\RunServices: [MsUpdater Frequence] udpfra.exe
O4 - HKLM\..\RunOnce: [Windows SSL File] winssv.exe
O4 - HKLM\..\RunOnce: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKLM\..\RunOnce: [Windows Registry Express Loader] regexpress.exe
O4 - HKLM\..\RunOnce: [Windows DNS Daemon] windnsd.exe
O4 - HKLM\..\RunOnce: [USB Device] servicelog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [Windows SSL File] winssv.exe
O4 - HKCU\..\Run: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKCU\..\Run: [Windows Registry Express Loader] regexpress.exe
O4 - HKCU\..\Run: [Windows DNS Daemon] windnsd.exe
O4 - HKCU\..\Run: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKCU\..\Run: [Seua] C:\Documents and Settings\Eigenaar\Application Data\ress.exe
O4 - HKCU\..\Run: [USB Device] servicelog.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [Windows SSL File] winssv.exe
O4 - HKCU\..\RunOnce: [Windows DNS Daemon] windnsd.exe
O4 - HKCU\..\RunOnce: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKCU\..\RunOnce: [USB Device] servicelog.exe
O4 - HKCU\..\RunOnce: [Windows Registry Express Loader] regexpress.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...fb72d88b5ced:bcbeac9adb4287dd435f5ab0907ede44
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
Alvast bedankt
:thumb:
Edit: Sorry, zie dat ik het log in een tijdelijke map heb staan.
Ben er zelf ook al enige uren mee bezig geweest maar het log laat ik liever aan de experts over.
Logfile of HijackThis v1.98.2
Scan saved at 19:17:43, on 31-10-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\System32\winssv.exe
C:\WINDOWS\System32\windowsupdate.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\regexpress.exe
C:\WINDOWS\System32\windnsd.exe
C:\WINDOWS\System32\servicelog.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\csrss32.exe
C:\WINDOWS\System32\firewallsp2.exe
C:\WINDOWS\System32\systemm.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\Eigenaar\Application Data\ress.exe
C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pagina.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Program Files\YourSiteBar\ysb.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [Windows SSL File] winssv.exe
O4 - HKLM\..\Run: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKLM\..\Run: [Windows Registry Express Loader] regexpress.exe
O4 - HKLM\..\Run: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\wintro32.exe
O4 - HKLM\..\Run: [Microsoft Firewall] firewallsp2.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [USB Device] servicelog.exe
O4 - HKLM\..\Run: [MsUpdater Frequence] udpfra.exe
O4 - HKLM\..\Run: [Microsoft update service] systemm.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Windows DNS Daemon] windnsd.exe
O4 - HKLM\..\RunServices: [autoupdate] winsvc.exe
O4 - HKLM\..\RunServices: [Windows SSL File] winssv.exe
O4 - HKLM\..\RunServices: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKLM\..\RunServices: [Windows Registry Express Loader] regexpress.exe
O4 - HKLM\..\RunServices: [Windows DNS Daemon] windnsd.exe
O4 - HKLM\..\RunServices: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKLM\..\RunServices: [alt CTRLx Shift] et3rd.exe
O4 - HKLM\..\RunServices: [Auto Update] AUP.exe
O4 - HKLM\..\RunServices: [Microsoft Firewall] firewallsp2.exe
O4 - HKLM\..\RunServices: [Microsoft None] Sea.exe
O4 - HKLM\..\RunServices: [Microsoft update service] systemm.exe
O4 - HKLM\..\RunServices: [USB Device] servicelog.exe
O4 - HKLM\..\RunServices: [Windows Update Manager for NT] wupdmgr32.exe
O4 - HKLM\..\RunServices: [MsUpdater Frequence] udpfra.exe
O4 - HKLM\..\RunOnce: [Windows SSL File] winssv.exe
O4 - HKLM\..\RunOnce: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKLM\..\RunOnce: [Windows Registry Express Loader] regexpress.exe
O4 - HKLM\..\RunOnce: [Windows DNS Daemon] windnsd.exe
O4 - HKLM\..\RunOnce: [USB Device] servicelog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [autoupdate] winsvc.exe
O4 - HKCU\..\Run: [Windows SSL File] winssv.exe
O4 - HKCU\..\Run: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKCU\..\Run: [Windows Registry Express Loader] regexpress.exe
O4 - HKCU\..\Run: [Windows DNS Daemon] windnsd.exe
O4 - HKCU\..\Run: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKCU\..\Run: [Seua] C:\Documents and Settings\Eigenaar\Application Data\ress.exe
O4 - HKCU\..\Run: [USB Device] servicelog.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [Windows SSL File] winssv.exe
O4 - HKCU\..\RunOnce: [Windows DNS Daemon] windnsd.exe
O4 - HKCU\..\RunOnce: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] windowsupdate.exe
O4 - HKCU\..\RunOnce: [USB Device] servicelog.exe
O4 - HKCU\..\RunOnce: [Windows Registry Express Loader] regexpress.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...fb72d88b5ced:bcbeac9adb4287dd435f5ab0907ede44
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
Alvast bedankt
:thumb:
Edit: Sorry, zie dat ik het log in een tijdelijke map heb staan.