Mededeling

Collapse
No announcement yet.

Heb ik nog Spyware in mijn systeem?

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Heb ik nog Spyware in mijn systeem?

    Logfile of HijackThis v1.98.2
    Scan saved at 20:54:13, on 23-10-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Winprogr\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton Internet Security\NISUM.EXE
    C:\Program Files\Norton Internet Security\ccPxySvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
    C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
    C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\apps\ABoard\ABoard.exe
    C:\apps\ABoard\AOSD.exe
    C:\Winprogr\Ahead\InCD\InCD.exe
    C:\WINDOWS\StartupMonitor.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\NoAds\NoAds.exe
    C:\Program Files\SpeedFan\speedfan.exe
    C:\Winprogr\SpywareGuard\sgmain.exe
    C:\Winprogr\SpywareGuard\sgbhp.exe
    C:\Winprogr\Windows Commander v5.0\WINCMD32.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\Winprogr\hijackthis\HijackThis v1.98.2.exe
    C:\Program Files\Common Files\Real\Update_OB\realevent.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=

    NL&range=AD&phase=6&key=SEARCH
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\nl.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.

    htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = --> Internet voor Ronny!! <--
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0

    \Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:

    \winprogr\SpywareGuard\dlprotect.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [InCD] C:\Winprogr\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime 6\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\Program Files\SymNetDrv\SNDMon.EXE
    O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
    O4 - Startup: SpywareGuard.lnk = C:\Winprogr\SpywareGuard\sgmain.exe
    O4 - Global Startup: NoAds.lnk = C:\Program Files\NoAds\NoAds.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System

    32\msjava.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Winprogr\MICROS~1\OFFICE11

    \REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

    Files\Messenger\MSMSGS.EXE
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult

    .cab
    O16 - DPF: {5DBF08EF-4BDE-11D3-B8E4-0080C84E9C66} ([email protected] Control) - http://members.lycos.nl/

    dreamcatcher2003/Stripshow/MediaShow.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl

    .cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security

    .symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files

    /activex/InfosFinder2.CAB
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-

    loc/vso/en-us/tools/mcfscan/2,0,0,4388/mcfscan.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6EBA3258-8348-45B9-B9E6-3C11A17F0563}: NameServer = 192.168.1.1
    Labels: Geen
    • Citaat
  • #2
    Hoi Ronny,

    O16 - DPF: {5DBF08EF-4BDE-11D3-B8E4-0080C84E9C66} ([email protected] Control) - http://members.lycos.nl/dreamc atcher2003/Stripshow/MediaS how.cab
    Bovenstaande nog even fixen met HijackThis, voor de rest ziet hij er keurig uit
    Last edited by Eagle Creek; 24-10-04, 11:34.
    • Citaat

    Comment

    • #3
      Bedankt

      Oorspronkelijk geplaatst door [email protected]
      Hoi Ronny,



      Bovenstaande nog even fixen met HijackThis, voor de rest ziet hij er keurig uit
      Hartelijke dank voor uw bijdrage.
      Ik zal die ene sleutel nog even fixen.
      Dank voor deze hulp over de log die ik gepost hebt.
      Zelf scan ik het systeem elke dag wel met AdAware-SE en zorg
      ik dat ik geen spyware enz... op mijn systeem heb.

      Mvrgr. Ronny W
      • Citaat

      Comment

      • #4
        Graag gedaan
        • Citaat

        Comment

        Vorige template Volgende
        Sorry, you are not authorized to view this page
        Working...
        X