hijackthis log file

[anoniem]

hey, weet niet of ik beetje oké zit op die pc hier wat spyware/brol betreft, iemand zin om te checken? bedankt! Logfile of HijackThis v1.97.7 Scan saved at 12:37:10, on 13/12/03 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVSYNMGR.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE INTERNET SECURITY\GUARDDOG.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE FIREWALL\CPD.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE INTERNET SECURITY\GUARDDOG.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\PROGRAM FILES\MCAFEE\MCAFEE FIREWALL\CPD.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\SBPCI\CTMIX32.EXE C:\PROGRAM FILES\WMPCI54G WLAN MONITOR\WMP54G.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\GUARDIAN\CMGRDIAN.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE C:\WINDOWS\CWKQWB.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\INSTANT UPDATER\RULAUNCH.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSHWIN32.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVCONSOL.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\HIJACKTHIS - SPYWARE DETECTION\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.blazefind.com/search.php?search=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.blazefind.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.blazefind.com/search_page.php R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.blazefind.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) F1 - win.ini: run=hpfsched O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\DDM3DIA.DLL O2 - BHO: (no name) - {000E7270-CC7A-0786-8E7A-DA09B51938A6} - C:\WINDOWS\SYSTEM\N3TPA1.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [Taakcontrole] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.ExE O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [CreativeMixer] C:\SBPCI\ctmix32.exe /T O4 - HKLM\..\Run: [WMLAN54G.exe] C:\Program Files\WMPCI54G WLAN Monitor\WMP54G.exe O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [McAfee Guardian] "C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\GUARDIAN\CMGRDIAN.EXE" /SU O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\Program Files\McAfee\McAfee VirusScan\AVSYNMGR.EXE O4 - HKLM\..\RunServices: [GuardDogEXE] "C:\PROGRAM FILES\MCAFEE\MCAFEE INTERNET SECURITY\GUARDDOG.EXE" /SERVICE O4 - HKLM\..\RunServices: [McAfee Firewall] "C:\PROGRAM FILES\MCAFEE\MCAFEE FIREWALL\CPD.EXE" /SERVICE O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\PROGRAM FILES\MCAFEE\SPYBOT\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE" /autocheck O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Onderzoekscentrum (HKLM) O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37915.5705787037 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://216.65.38.226/crack.CAB leek me nogal lang vergeleken met de andere die ik gezien had... pc van bureau van papa gekregen aan lager prijsje nu alles wat niet nodig is eraf :D

[anoniem]

Je hebt wat last van een homepage hijacker en spyware Internet optimizer is ongewenst : www.doxdesk.com/parasite/InternetOptimizer.html Verwijder hem eerst in het configuratiescherm > software zoek naar 'Active Alert' of 'Internet Optimizer' Vink in Hijackthis ALLEEN die regels aan die hieronder staan beschreven (je kan altijd weer een backup terugzetten). Sluit de browser en andere vensters behalve hijackthis en klik op "fix checked". START DAARNA OPNIEUW OP. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.blazefind.com/search.php?search=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.blazefind.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.blazefind.com/search_page.php R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.blazefind.com O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\DDM3DIA.DLL O2 - BHO: (no name) - {000E7270-CC7A-0786-8E7A-DA09B51938A6} - C:\WINDOWS\SYSTEM\N3TPA1.DLL O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://216.65.38.226/crack.CAB Verwijder na de herstart deze (eventueel nog) aanwezige bestanden of mappen (let: op sommige kunnen verborgen staan dus eerst even dit uitvoeren: Start > instellngen > configuratiescherm > Mapopties > tabblad Weergave > klik verborgen bestanden en mappen weergeven > OK): C:\WINDOWS\SYSTEM\DDM3DIA.DLL <=dit bestand C:\WINDOWS\SYSTEM\N3TPA1.DLL <=dit bestand

[anoniem]

hartelijk bedankt! 8)