26-10-2004, 23:40 | ||
Citaat:
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
Advertentie | |
|
27-10-2004, 02:01 | ||
Citaat:
__________________
A Hero has died.. Steve Irwin - 22-02-1962 - 04-09-2006
|
28-10-2004, 13:11 | |
Logfile of HijackThis v1.98.2
Scan saved at 2:07:35, on 10/28/04 Platform: <a href="windows%2098%20se" onmouseover="window.status='Windows 98 SE'; return true;" onmouseout="window.status=''; return true;">Windows 98 SE</a> (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\STARTER.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS_198\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://members.chello.nl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O12 - Plugin for .pan: C:\PROGRA~1\INTERN~1\PLUGINS\NpSmNp.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab27571.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab30149.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O18 - Filter: text/html - {E64E4E60-EF13-4C79-A159-119762E18181} - C:\WINDOWS\SYSTEM\LMF32.DLL Ik had bij "msconfig" alles uitgevinkt bij "startup" (behalve "EnsonicMixer, starter.exe" en "Scheduling Agent, mstast.exe"), omdat hij allemaal vage programma's opstarten maar nu doet internet, word en de printer vaag. Heb ik iets uitgevinkt wat eigenlijk aangevinkt moet zijn?
__________________
I guess a diamond ain't nothing but a rock with a name ... I guess love ain't nuttin but emotion and game
Laatst gewijzigd op 28-10-2004 om 13:30. |
28-10-2004, 18:14 | ||
Citaat:
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
28-10-2004, 18:19 | |
OKe, kijk eerst bij configuratie - software en dan of daar software bij staat die je niet moet. die uninstallen.
Dan Laat je je Computer scannen met Ad-aware en/of Spybot. Dan laat je weer scannen met hijack this! en als dan deze entrys er nog zijn, laat je die door hijack this verwijderen. O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm Nasty Nasty This entry should be fixed by HijackThis! O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab mocht niks zijn veranderd: beschijf dan dat vaag doen wat beter
__________________
Not a shred of evidence exists in favor of the idea that life is serious
Laatst gewijzigd op 28-10-2004 om 18:21. |
28-10-2004, 18:44 | ||
Citaat:
Daarom raad ik af om mensen te adviseren om met hun msconfig te kloten, want hiermee zet je de autorun's "tijdelijk" uit.
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
28-10-2004, 19:11 | ||
Citaat:
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
29-10-2004, 13:39 | |
hallo iedereen
sinds ik mn eigen computer heb, heb ik de 'familie computer' gelaten voor wat het is. das alweer een paar maanden geleden, maar nu zit er wel allemaal troep op die ik weer mag opruimen. ik heb al een trojan horse eraf gegooid enzow, en met adaware zitten scannen, maar er zitten nou nog steeds van die zoek balken en hij is echt ontzettend traag. ik heb hier mn hijack this log. kunnen jullie mij helpe? Logfile of HijackThis v1.98.2 Scan saved at 19:17:06, on 28-10-2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\PackethSvc.exe C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\SAVScan.exe C:\WINDOWS\htpatch.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\Dit.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\DitExp.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe C:\Program Files\Microsoft Office\Office\1043\msoffice.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\System32\alg.exe C:\PROGRA~1\NORTON~1\navw32.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\htpatch.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\Dit.exe C:\WINDOWS\DitExp.exe C:\Program Files\Browser mouse\1.3\mouse32a.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Medionkeyboard\1.3\KbdAp32A.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Documents and Settings\Maarten\Mijn documenten\Win zipp\winzip\WZQKPICK.EXE C:\Program Files\Microsoft Office\Office\1043\msoffice.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe c:\progra~1\intern~1\iexplore.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Maarten\Mijn documenten\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mjaxidrdvougmgyjimdyqk.or.../67nJURh2B.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: ZIBho Class - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh309190.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {86C85D74-EF5E-9484-66AD-33777ABE4396} - C:\DOCUME~1\Maarten\APPLIC~1\SITENU~1\GlobalRef.exe O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg O4 - HKLM\..\Run: [PCMService] C:\Program Files\Medion Home CinemaXL\PowerCinema\PCMService.exe O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Medionkeyboard\1.3\MMKEYBD.EXE O4 - HKLM\..\Run: [FLMMEDIONMOUSE] C:\Program Files\Browser mouse\1.3\mouse32a.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [Microsoft Tray] C:\Games\Splinter Cell\system\SplinterCell.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [user plus inside amen] C:\Documents and Settings\All Users\Application Data\Beep that user plus\Chin Tons.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: IEEE 802.11g Wireless LAN Utility.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: officejet 6100.lnk = ? O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: WinZip Quick Pick.lnk = Win zipp\winzip\WZQKPICK.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for ¸æ: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/pa.../GSManager.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/nl/bi.../GoogleNav.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...reShowdown.cab
__________________
♥ - I miss all the places we never went. -
heddegijdagezeetgehadmindedawerklukwoarhoedoedegijdahoedoedegijdahoeheddegijdagedoan |
29-10-2004, 14:24 | |
Logfile of HijackThis v1.98.2
Scan saved at 3:20:40, on 10/29/04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE C:\WINDOWS\STARTER.EXE C:\WINDOWS\TASKMON.EXE C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS_198\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://members.chello.nl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe O4 - HKLM\..\Run: [ModemUtility] mdsetspw.exe O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: TextBridge Instant Access OCR.lnk = C:\Program Files\TextBridge Classic\Bin\TBMenu.exe O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WINZIP\WZQKPICK.EXE O12 - Plugin for .pan: C:\PROGRA~1\INTERN~1\PLUGINS\NpSmNp.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab27571.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab30149.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O18 - Filter: text/html - {E64E4E60-EF13-4C79-A159-119762E18181} - C:\WINDOWS\SYSTEM\LMF32.DLL O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE Worden aangegeven als nasty, maar als ik die wil verwijderen zijn ze er niet.
__________________
I guess a diamond ain't nothing but a rock with a name ... I guess love ain't nuttin but emotion and game
|
29-10-2004, 18:04 | ||
Citaat:
Kijk dan noges of hij er niet is, En kan je em anders niet gewoon via hijack this weggooien?
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
30-10-2004, 10:11 | ||
Citaat:
Als je iets fixt met hijackthis verwijzigt hij alleen iets in z'n register en niet het bestandje wat nog op zijn hd staat. Probeer het zelf maar eens uit: maak een autorun in je register en verwijderer hem met hijackthis. Je zult zien dat het bestand waar die autorun-sleutel naar verwees er nog steeds staat.
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
30-10-2004, 12:14 | ||
Citaat:
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
30-10-2004, 12:50 | ||||
Citaat:
Jij doet eerder moeilijk, om niet de eerste post van dit topic te lezen. Citaat:
Citaat:
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
30-10-2004, 13:55 | |
Hey, ik heb een probleem. In IE is de startpagina http://www.easy-search.bizhttp://www.easy-search.biz. Naar welke site je ook gaat, je gaat automatisch naar Google. Ik internet altijd met Mozilla Firefox maar ik heb toch ook graag dat IE spyware vrij is. Ik heb al geprobeerd met Ad-Aware en Spybot de twee regvalues te verwijderen maar dat lukte niet. Ik heb ook al gezocht op Google maar daar kwam ik ook niet uit.
Edit: MSN Messenger doet het ook niet door de RegValues.
__________________
Un electrodoméstico es una máquina que realiza algunas tareas domésticas rutinarias
Laatst gewijzigd op 30-10-2004 om 13:58. |
30-10-2004, 15:16 | ||
Citaat:
"Gebruik eerst adaware & spybot. Als je het dán nog niet weg krijgen, dan....."
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
30-10-2004, 16:04 | ||
Citaat:
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
30-10-2004, 17:48 | |
Logfile of HijackThis v1.97.5
Scan saved at 18:48:15, on 30-10-2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Messenger Plus! 3.1\MsgPlus.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\iau.exe C:\WINDOWS\stisvsq.exe C:\WINDOWS\svshost.exe C:\WINDOWS\msqdevl.exe C:\WINDOWS\lssas.exe C:\WINDOWS\mservice.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\taskmgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\gebruiker\Mijn documenten\Mijn ontvangen bestanden\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.new-search.info/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.new-search.info/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.new-search.info/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeler.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.new-search.info/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/Plus18Point/Portal/portal.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://www.new-search.info/search.html R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://www.new-search.info/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\IEHelper.dll (file missing) O2 - BHO: (no name) - {9D558E84-C543-456F-9F7B-20BC43DCEF8E} - C:\WINDOWS\System32\gchcg.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {224530A0-C9CB-4AEE-9C0F-54AC1B533211} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3.1\MsgPlus.exe" O4 - HKLM\..\Run: [Two fast] C:\PROGRA~1\MESSBR~1\Readme Each.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Microsoft Internet Acceleration Utility] iau.exe O4 - HKLM\..\Run: [Internet Connection Wizard] stisvsq.exe O4 - HKLM\..\Run: [Games Acceleration] svshost.exe O4 - HKLM\..\Run: [Internet Mail and News] msqdevl.exe O4 - HKLM\..\Run: [Microsoft Management Console] lssas.exe O4 - HKLM\..\Run: [Multimedia extensions] mservice.exe O4 - HKCU\..\Run: [IEengine] C:\Program Files\Internet Explorer\IEengine.exe O4 - HKCU\..\Run: [Microsoft Internet Acceleration Utility] iau.exe O4 - HKCU\..\Run: [Internet Connection Wizard] stisvsq.exe O4 - HKCU\..\Run: [Games Acceleration] svshost.exe O4 - HKCU\..\Run: [Internet Mail and News] msqdevl.exe O4 - HKCU\..\Run: [Microsoft Management Console] lssas.exe O4 - HKCU\..\Run: [Multimedia extensions] mservice.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Weight+Loss (HKCU) O9 - Extra 'Tools' menuitem: Weight+Loss (HKCU) O9 - Extra button: Sex Pictures (HKCU) O9 - Extra 'Tools' menuitem: Sex Pictures (HKCU) O9 - Extra button: Craps Online Tour (HKCU) O9 - Extra 'Tools' menuitem: Craps Online Tour (HKCU) O9 - Extra button: Online Pharmacy 24h (HKCU) O9 - Extra 'Tools' menuitem: Online Pharmacy 24h (HKCU) O9 - Extra button: Remover Spyware (HKCU) O9 - Extra 'Tools' menuitem: Remover Spyware (HKCU) O9 - Extra button: Cash Advance (HKCU) O9 - Extra 'Tools' menuitem: Cash Advance (HKCU) O9 - Extra button: New Strip Poker (HKCU) O9 - Extra 'Tools' menuitem: New Strip Poker (HKCU) O9 - Extra button: Free Viagra Video (HKCU) O9 - Extra 'Tools' menuitem: Free Viagra Video (HKCU) O9 - Extra button: Sex Drug Soma (HKCU) O9 - Extra 'Tools' menuitem: Sex Drug Soma (HKCU) O9 - Extra button: Hair Loss (HKCU) O9 - Extra 'Tools' menuitem: Hair Loss (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.freeler.nl O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...ctor/swdir.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1098278392779 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.co...757.2587384259 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab30149.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab27571.cab
__________________
Un electrodoméstico es una máquina que realiza algunas tareas domésticas rutinarias
|
31-10-2004, 17:11 | ||
Citaat:
Download Stinger ff en draai die...ik meende namelijk een worm gezien te hebben..en dit proggie kan em vinden...veel virusscanners niet..
__________________
A Hero has died.. Steve Irwin - 22-02-1962 - 04-09-2006
|
31-10-2004, 18:15 | ||
Verwijderd
|
Citaat:
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe Als je deze niet kent, ook ff fixen. |
31-10-2004, 18:18 | |
Besmet:
C:\WINDOWS\iau.exe C:\WINDOWS\stisvsq.exe C:\WINDOWS\svshost.exe C:\WINDOWS\msqdevl.exe C:\WINDOWS\mservice.exe Verdacht: C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.new-search.info/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.new-search.info/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.new-search.info/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.new-search.info/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.new-search.info/search.html R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://www.new-search.info/search.html R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://www.new-search.info/search.html O2 - BHO: (no name) - {9D558E84-C543-456F-9F7B-20BC43DCEF8E} - C:\WINDOWS\System32\gchcg.dll O2 - BHO: (no name) - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll Haal de volgende ff weg R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = C:/Program Files/Plus18Point/Portal/portal.html Niet verdacht alleen ff fixen O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\IEHelper.dll (file missing)
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
31-10-2004, 18:32 | |
Oke, zo ziet het er nu uit:
Logfile of HijackThis v1.97.5 Scan saved at 19:32:05, on 31-10-2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Messenger Plus! 3.1\MsgPlus.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\iau.exe C:\WINDOWS\stisvsq.exe C:\WINDOWS\svshost.exe C:\WINDOWS\msqdevl.exe C:\WINDOWS\mservice.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\lssas.exe F:\Program Files\Kazaa Lite K++\KazaaLite.kpp C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\Program Files\Microsoft Office\Office10\POWERPNT.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\gebruiker\Mijn documenten\Mijn ontvangen bestanden\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-search.biz R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeler.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\gchcg.dll/sp.html (obfuscated) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {224530A0-C9CB-4AEE-9C0F-54AC1B533211} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3.1\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Microsoft Internet Acceleration Utility] iau.exe O4 - HKLM\..\Run: [Internet Connection Wizard] stisvsq.exe O4 - HKLM\..\Run: [Games Acceleration] svshost.exe O4 - HKLM\..\Run: [Internet Mail and News] msqdevl.exe O4 - HKLM\..\Run: [Microsoft Management Console] lssas.exe O4 - HKLM\..\Run: [Multimedia extensions] mservice.exe O4 - HKCU\..\Run: [IEengine] C:\Program Files\Internet Explorer\IEengine.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Microsoft Internet Acceleration Utility] iau.exe O4 - HKCU\..\Run: [Internet Connection Wizard] stisvsq.exe O4 - HKCU\..\Run: [Games Acceleration] svshost.exe O4 - HKCU\..\Run: [Internet Mail and News] msqdevl.exe O4 - HKCU\..\Run: [Microsoft Management Console] lssas.exe O4 - HKCU\..\Run: [Multimedia extensions] mservice.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O14 - IERESET.INF: START_PAGE_URL=http://www.freeler.nl O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...ctor/swdir.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1098278392779 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.co...757.2587384259 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab30149.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab27571.cab
__________________
Un electrodoméstico es una máquina que realiza algunas tareas domésticas rutinarias
|
31-10-2004, 18:33 | ||
Citaat:
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
31-10-2004, 18:49 | ||
De volgende vertrouw ik niet 100%:
Citaat:
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
Laatst gewijzigd op 31-10-2004 om 18:52. |
31-10-2004, 19:09 | ||
Citaat:
__________________
"Typefouten zijn gratis" | "Daar is vast wel een knopje voor" | "Ik weet, want ik zoek" | Powered by Firefox, Chromium, Mac OS X, OpenSuse, and Google.
|
31-10-2004, 19:11 | ||
Citaat:
__________________
What experience and history teach is this — that people and governments never have learned anything from history, or acted on principles deduced from it.
|
31-10-2004, 19:41 | ||
Citaat:
Dus de update doet het niet. Dus [?] Ad-Aware vind niks. En hij is klaar bij 19886 files in plaats van 44700
__________________
Un electrodoméstico es una máquina que realiza algunas tareas domésticas rutinarias
|
31-10-2004, 19:56 | |
Ad-aware 6? Je moet ook ff de nieuwste downloaden, Adware SE.
http://www.download.com/3000-2144-10045910.html
__________________
What experience and history teach is this — that people and governments never have learned anything from history, or acted on principles deduced from it.
|
02-11-2004, 20:16 | ||
Citaat:
Oja, bij SpywareBlaster staat de homepage ingesteld als die spyware site ,zie paar posts hierboven, als ik 'm verander blijft-ie 't zelfde, hoe verander ik 'm permanent? (Ik zie nu zo'n de-pagina-kan-niet-worden-weergegeven-scherm bij IE zeg maar.)
__________________
Un electrodoméstico es una máquina que realiza algunas tareas domésticas rutinarias
|
02-11-2004, 20:32 | ||
Citaat:
__________________
Not a shred of evidence exists in favor of the idea that life is serious
|
02-11-2004, 20:39 | |
Verwijderd
|
Hallo,
Ik heb een vermoeden dat er ad/spyware op mijn pc zit, jullie hebben er meer Know-how van. kunnen jullie even kijken Logfile of HijackThis v1.98.2 Scan saved at 10:36:23, on 2-11-2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\Tablet.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Webroot\Washer\wwDisp.exe C:\WINDOWS\system32\WTablet\TabUserW.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe C:\DOCUME~1\DJSAFR~1\LOCALS~1\Temp\Tijdelijke map 1 voor hijackthis_198.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/planet/show/id=70921/sc=e9a5be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file) O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O17 - HKLM\System\CCS\Services\Tcpip\..\{E912B80D-196A-4E5A-855C-171DEA05343D}: NameServer = 195.121.1.66,195.121.1.34 Ik heb al gescant met Spy-bot, NAV2005, en Ad-Aware. Alvast bedankt! |
02-11-2004, 21:24 | |
Ik zie zo 123 niet echt iets bijzonders. Je kunt ook deze logfile laten analyseren op www.hijackthis.de
__________________
What experience and history teach is this — that people and governments never have learned anything from history, or acted on principles deduced from it.
|
Advertentie |
|
Topictools | Zoek in deze topic |
|
|
Soortgelijke topics | ||||
Forum | Topic | Reacties | Laatste bericht | |
Software & Hardware |
Centraal spyware, adware & virussen topic [5] M@rco | 499 | 26-03-2008 13:10 | |
Software & Hardware |
[Centraal] Spy-, adware & virussen [4] M@rco | 500 | 01-12-2006 11:27 | |
Software & Hardware |
[Centraal] Spyware & Adware [3] Enlightenment | 461 | 24-01-2006 09:53 |