hijackthislog

Status
Not open for further replies.

miss-tess

User
Joined
13 Jul 2003
Messages
98
I would like to get rid of offeroptimizer!!! This is my log:

Logfile of HijackThis v1.98.2
Scan saved at 21:39:53, on 31-10-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
G:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\Program Files\VIAudioi\SBADeck\ADeck.exe
G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
G:\Program Files\Windows SyncroAd\SyncroAd.exe
G:\WINDOWS\system32\qyzbhx.exe
G:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
G:\Program Files\Java\jre1.5.0\bin\jusched.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Messenger\msmsgs.exe
G:\DOCUME~1\tesa\LOCALS~1\Temp\Rar$EX00.740\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - G:\WINDOWS\localNRD.dll
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - G:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: Core Library - {E9C1FD9A-46B0-4185-84ED-E2F8ACD4A262} - G:\WINDOWS\system32\KDP52c2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "G:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AudioDeck] G:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Windows SyncroAd] G:\Program Files\Windows SyncroAd\SyncroAd.exe
O4 - HKLM\..\Run: [msbb] g:\temp\msbb.exe
O4 - HKLM\..\Run: [foh] G:\WINDOWS\foh.exe
O4 - HKLM\..\Run: [ncnclbhdkreni] G:\WINDOWS\system32\qyzbhx.exe
O4 - HKLM\..\Run: [conscorr] G:\WINDOWS\conscorr.exe
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater] regsvr32 /s G:\WINDOWS\system32\kdpupd.dll
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s G:\WINDOWS\system32\KDP52c2.dll
O4 - HKLM\..\Run: [SearchUpgrader] G:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [KAZAA] "G:\Program Files\Kazaa Lite Revolution\kpp.exe" "G:\Program Files\Kazaa Lite Revolution\kazaalite.kpp" /SYSTRAY
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...521e465c0731:4bf9e5f754d65d14399f92c372c739a3
O16 - DPF: {ED6D016A-12F8-4871-BEDC-CE13AAAB4F0B} (DD_v4_Member.DDv4) - http://www.drivershq.com/members/DD_v4_Member.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{83843A86-744B-4F61-AE4E-3FC587F6B2E4}: NameServer = 194.109.104.104 194.109.6.66
 
1. Install AdAware SE Personal 1.05: http://www.majorgeeks.com/download506.html
Get the latest updates, run the full scan and have everything that is found removed.
(NB: do not use an older version of AdAware; AdAware 6 is outdated.)
Then restart the PC.

2. Install Spybot - Search & Destroy 1.3: http://www.majorgeeks.com/download2471.html
Get the latest updates, let the program scan and have all items marked in red (which are selected automatically) fixed.
Then restart the PC.

3. Create a new HijackThis log and post it here.
 
Okay, thanks, it worked!
Here is my new log:

Logfile of HijackThis v1.98.2
Scan saved at 22:38:24, on 31-10-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
G:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\Program Files\VIAudioi\SBADeck\ADeck.exe
G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
G:\Program Files\Java\jre1.5.0\bin\jusched.exe
G:\WINDOWS\system32\ctfmon.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\WinRAR\WinRAR.exe
G:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
G:\DOCUME~1\tesa\LOCALS~1\Temp\Rar$EX00.906\HijackThis.exe
G:\Program Files\Microsoft Office\Office10\WINWORD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: Core Library - {E9C1FD9A-46B0-4185-84ED-E2F8ACD4A262} - G:\WINDOWS\system32\KDP52c2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "G:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AudioDeck] G:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater] regsvr32 /s G:\WINDOWS\system32\kdpupd.dll
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s G:\WINDOWS\system32\KDP52c2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [KAZAA] "G:\Program Files\Kazaa Lite Revolution\kpp.exe" "G:\Program Files\Kazaa Lite Revolution\kazaalite.kpp" /SYSTRAY
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {ED6D016A-12F8-4871-BEDC-CE13AAAB4F0B} (DD_v4_Member.DDv4) - http://www.drivershq.com/members/DD_v4_Member.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{83843A86-744B-4F61-AE4E-3FC587F6B2E4}: NameServer = 194.109.104.104 194.109.6.66
 
Nice, AdAware and Spybot have already removed almost everything. :)

1. Scan with HijackThis and tick the following items:
O2 - BHO: Core Library - {E9C1FD9A-46B0-4185-84ED-E2F8ACD4A262} - G:\WINDOWS\system32\KDP52c2.dll

O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater] regsvr32 /s G:\WINDOWS\system32\kdpupd.dll
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s G:\WINDOWS\system32\KDP52c2.dll
Close all windows except HijackThis itself and click "Fix checked".

2. Restart the PC.

3. Create a new log and post it here.
 
thanks!

Logfile of HijackThis v1.98.2
Scan saved at 20:24:09, on 1-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
G:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\Program Files\VIAudioi\SBADeck\ADeck.exe
G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
G:\Program Files\Java\jre1.5.0\bin\jusched.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Messenger\msmsgs.exe
G:\DOCUME~1\tesa\LOCALS~1\Temp\Rar$EX00.389\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "G:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AudioDeck] G:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "G:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [KAZAA] "G:\Program Files\Kazaa Lite Revolution\kpp.exe" "G:\Program Files\Kazaa Lite Revolution\kazaalite.kpp" /SYSTRAY
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {ED6D016A-12F8-4871-BEDC-CE13AAAB4F0B} (DD_v4_Member.DDv4) - http://www.drivershq.com/members/DD_v4_Member.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{83843A86-744B-4F61-AE4E-3FC587F6B2E4}: NameServer = 194.109.104.104 194.109.6.66

Thanks a lot!!!
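
Added example (not part of the original thread): a short Python script that parses HijackThis entry lines and diffs two scans, to confirm that the items a helper asked to fix no longer appear in the follow-up log. The sample lines are excerpts of the second and third logs in this thread; the function names are illustrative.

```python
import re

# HijackThis entry lines start with a section code (R0, O2, O4, O16, ...)
# followed by " - ". Header and "Running processes" lines do not match.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Return the set of (section, detail) entries found in a log."""
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.add((m.group(1), m.group(2).strip()))
    return entries

def diff_logs(before, after):
    """Return (removed, added) entry sets between two scans."""
    b, a = parse_entries(before), parse_entries(after)
    return b - a, a - b

def still_present(log_text, fix_list):
    """Entries from the helper's fix list that a later log still shows."""
    return parse_entries(fix_list) & parse_entries(log_text)

# Items the helper asked to tick (copied from the thread).
FIX_LIST = r"""
O2 - BHO: Core Library - {E9C1FD9A-46B0-4185-84ED-E2F8ACD4A262} - G:\WINDOWS\system32\KDP52c2.dll
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater] regsvr32 /s G:\WINDOWS\system32\kdpupd.dll
O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s G:\WINDOWS\system32\KDP52c2.dll
"""

# Excerpt of the second log (before "Fix checked").
BEFORE = r"""
Running processes:
G:\WINDOWS\system32\ctfmon.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
""" + FIX_LIST

# Excerpt of the third log (after the fix and a restart).
AFTER = r"""
Running processes:
G:\WINDOWS\system32\ctfmon.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
"""

if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    for section, detail in sorted(removed):
        print("removed:", section, "-", detail)
    print("still present:", sorted(still_present(AFTER, FIX_LIST)))
```

The comparison is on exact entry text, so an item that reappears under a different file name or registry value shows up as "added" rather than "still present".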
 