Mededeling

Collapse
No announcement yet.

HijackThis Logs

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • HijackThis Logs

    Willen jullie deze voor mij na kijken
    Logfile of HijackThis v1.97.7
    Scan saved at 17:52:38, on 28-10-2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\System32\svchost.exe C:\Program Files\Common Files\Microsoft
    Shared\VS7Debug\mdm.exe C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe C:\WINNT\system32\ZONELABS\vsmon.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
    C:\PROGRA~1\PHILIP~1\VProperty.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\Babylon\Babylon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Ulead
    Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Download\WinZip\WZQKPICK.EXE C:\WINNT\twain_32\A4CIS600\WATCH.exe
    C:\WINNT\system32\ntvdm.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program
    Files\AntiSpy\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.startpagina.nl/
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
    Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec
    Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
    -atboottime
    O4 - HKLM\..\Run: [Zone Labs Client]
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and Settings\Mijn\Local
    Settings\Temp\FreeRAM XP Pro 1.40.exe" -win
    O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe"
    /background
    O4 - Startup: Watch.lnk = C:\WINNT\twain_32\A4CIS600\WATCH.exe
    O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk =
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Download\WinZip\WZQKPICK.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
    present
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template
    and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
    Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class)
    - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {45EA0AE7-6656-4A21-98EE-40D18CB24F5A} (XChatroomsClient.client)
    - http://www.ukchatrooms.net/XChatroomsClient.CAB
    O16 - DPF: {77772D3B-E7FD-481D-9613-24BE03C47766} (UKChatroomsClient.client)
    - http://www.ukchatrooms.net/UKChatroomsClient.CAB
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
    Class) -
    http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
    http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37964.390324
    0741
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments
    Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.ocx
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
    http://chat.msn.com/bin/msnchat45.cab

  • #2
    Hoi Bertus,

    Welkom op ASO!

    Kun je even updaten naar HijackThis 1.98.2:
    http://www.nucia.eu/ne/index.html

    Maak hiermee een nieuw logje aan, en post dat hier.

    Comment


    • #3
      hierbij de nieuwe log

      Logfile of HijackThis v1.98.2
      Scan saved at 15:32:37, on 29-10-2004
      Platform: Windows 2000 SP4 (WinNT 5.00.2195)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINNT\System32\smss.exe
      C:\WINNT\system32\winlogon.exe
      C:\WINNT\system32\services.exe
      C:\WINNT\system32\lsass.exe
      C:\WINNT\system32\svchost.exe
      C:\WINNT\system32\spoolsv.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINNT\System32\svchost.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\WINNT\system32\regsvc.exe
      C:\WINNT\system32\MSTask.exe
      C:\WINNT\system32\stisvc.exe
      C:\WINNT\system32\ZONELABS\vsmon.exe
      C:\WINNT\System32\WBEM\WinMgmt.exe
      C:\WINNT\System32\mspmspsv.exe
      C:\WINNT\system32\svchost.exe
      C:\WINNT\Explorer.EXE
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
      C:\PROGRA~1\PHILIP~1\VProperty.exe
      C:\WINNT\system32\ctfmon.exe
      C:\Program Files\Babylon\Babylon.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
      C:\Download\WinZip\WZQKPICK.EXE
      C:\WINNT\twain_32\A4CIS600\WATCH.exe
      C:\WINNT\System32\svchost.exe
      C:\wincmd\WINCMD32.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\DOWNLOAD\WINZIP\winzip32.exe
      C:\Documents and Settings\Mijn\Local Settings\Temp\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
      O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
      O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
      O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and Settings\Mijn\Local Settings\Temp\FreeRAM XP Pro 1.40.exe" -win
      O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - Startup: Watch.lnk = C:\WINNT\twain_32\A4CIS600\WATCH.exe
      O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
      O4 - Global Startup: WinZip Quick Pick.lnk = C:\Download\WinZip\WZQKPICK.EXE
      O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {45EA0AE7-6656-4A21-98EE-40D18CB24F5A} (XChatroomsClient.client) - http://www.ukchatrooms.net/XChatroomsClient.CAB
      O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
      O16 - DPF: {77772D3B-E7FD-481D-9613-24BE03C47766} (UKChatroomsClient.client) - http://www.ukchatrooms.net/UKChatroomsClient.CAB
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
      O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
      O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
      O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.ocx
      O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

      Comment


      • #4
        Ziet er mooi uit

        Comment


        • #5
          dank

          Daar ben ik heel blij mee ik had een heel ander vermoeden
          Maar bedankt voor de onnodige moeite
          Groetent Bertus

          Comment

          Sorry, you are not authorized to view this page
          Working...
          X