Mededeling

Collapse
No announcement yet.

Mijn hijackthis log (Aart)

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Mijn hijackthis log (Aart)

    Logfile of HijackThis v1.98.2
    Scan saved at 17:40:28, on 17-9-2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\csrss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\phpdev\Apache\Apache.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Norman\Nvc\BIN\Zanda.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\phpdev\Apache\Apache.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    C:\WINNT\system32\svchost.exe
    C:\NORMAN\Nvc\BIN\NJEEVES.EXE
    C:\NORMAN\Nvc\BIN\nvcoas.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\NORMAN\Nvc\BIN\nipsvc.exe
    C:\WINNT\Explorer.EXE
    C:\NORMAN\Nvc\BIN\ZLH.EXE
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\WhatPulse\WhatPulse.exe
    C:\NORMAN\Nvc\BIN\cclaw.exe
    C:\NORMAN\Nvc\BIN\NYMSE.EXE
    C:\NORMAN\Nvc\BIN\NIP.EXE
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Do***ents and Settings\Administrator\Bureaublad\hijackthis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.lunox.nl"]http://www.lunox.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer wordt aangeboden door Aart
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 66.65.106.140 :80
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DO***E~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [qagvtmlg] C:\WINNT\system32\iouakxp.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: WinMySQLadmin.lnk = Webserver\mysql-4.0.20d-win-noinstall\mysql-4.0.20d-win-noinstall\bin\winmysqladmin.exe
    O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O14 - IERESET.INF: START_PAGE_URL=http://www.lunox.nl
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll


    ps. ik zie niet wat ik post klopt dat

    groeten aart
    Last edited by Michael4446; 18-02-09, 00:26.

  • #2
    Hoi Aart,

    Je zou je logje gewoon moeten zien, als het goed is

    Maargoed, je logje

    1. Vink onderstaande aan in HijackThis, sluit alle andere vensters en browsers, en klik op Fix Checked.

    R3 - Default URLSearchHook is missing

    O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DO***E~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll

    O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
    O4 - HKLM\..\Run: [qagvtmlg] C:\WINNT\system32\iouakxp.exe


    2. Start opnieuw op in veilige modus, en verwijder:
    C:\Program Files\WindUpdates << map
    C:\WINNT\system32\iouakxp.exe << bestand

    3. Start opnieuw op in normale modus, maak een nieuw logje aan met HIjackThis, en post dat hier

    Comment


    • #3
      Logfile of HijackThis v1.98.2
      Scan saved at 18:08:12, on 17-9-2004
      Platform: Windows 2000 SP4 (WinNT 5.00.2195)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINNT\System32\smss.exe
      C:\WINNT\system32\csrss.exe
      C:\WINNT\system32\winlogon.exe
      C:\WINNT\system32\services.exe
      C:\WINNT\system32\lsass.exe
      C:\WINNT\system32\svchost.exe
      C:\WINNT\System32\svchost.exe
      C:\WINNT\system32\spoolsv.exe
      C:\phpdev\Apache\Apache.exe
      C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
      C:\Norman\Nvc\BIN\Zanda.exe
      C:\WINNT\System32\nvsvc32.exe
      C:\WINNT\system32\regsvc.exe
      C:\phpdev\Apache\Apache.exe
      C:\WINNT\system32\MSTask.exe
      C:\WINNT\system32\stisvc.exe
      C:\WINNT\System32\WBEM\WinMgmt.exe
      C:\Program Files\RealVNC\VNC4\WinVNC4.exe
      C:\WINNT\system32\svchost.exe
      C:\NORMAN\Nvc\BIN\NJEEVES.EXE
      C:\NORMAN\Nvc\BIN\nvcoas.exe
      C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
      C:\NORMAN\Nvc\BIN\nipsvc.exe
      C:\WINNT\Explorer.EXE
      C:\NORMAN\Nvc\BIN\ZLH.EXE
      C:\Program Files\Messenger Plus! 3\MsgPlus.exe
      C:\Program Files\Winamp\winampa.exe
      C:\WINNT\system32\ctfmon.exe
      C:\Program Files\WhatPulse\WhatPulse.exe
      C:\NORMAN\Nvc\BIN\cclaw.exe
      C:\NORMAN\Nvc\BIN\NYMSE.EXE
      C:\NORMAN\Nvc\BIN\NIP.EXE
      C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
      C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Do***ents and Settings\Administrator\Bureaublad\hijackthis\HijackThis.exe
      C:\WINNT\system32\NOTEPAD.EXE
      C:\Program Files\Outlook Express\msimn.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"]http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.lunox.nl"]http://www.lunox.nl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"]http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.msn.com/"]http://www.msn.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer wordt aangeboden door Aart
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
      O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
      O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
      O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O14 - IERESET.INF: START_PAGE_URL=http://www.lunox.nl
      O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll


      ik zie het echt slehcht

      groeten aart
      Last edited by Michael4446; 18-02-09, 00:27.

      Comment


      • #4
        Onderaan even klikken bij "Hardwired (Recommended)", en kies daar voor "VBulletin 3.0.3 (recommended)

        Zie je het nu beter?

        Comment


        • #5
          Je logje is schoon nu. Problemen - voor zover je die had - opgelost?

          Comment


          • #6
            ja het is nu wel beter maar vint de ander stijl mooijer al moet ik eerlijk zijn

            ps. ik hat geen probleemen maar ik wouw gewoon kijken waar ik eerder reakzie kreeg op helpmij of hier

            groeten aart

            Comment


            • #7
              Op beiden skins zie ik jouw log pico bello aart.


              Het rapaille dat per Przewalskipaard arriveerde bij het feeëriek gesitueerde etablissement - komma -

              "Verwar de waarheid niet met de mening van de meerderheid"

              Comment

              Sorry, you are not authorized to view this page
              Working...
              X