Vraag & Antwoord

Beveiliging & privacy

Hijack This log, startpagina

Anoniem
pcguy
14 antwoorden
 • ze zijn er wel uit, deze lijkt me schoon :wink:

  edit: er staat ook niet voor niks: indien aanwezig :wink:
 • pcguy hartelijk bedankt voor je hulp!!!

  De startpagina blijft nu ook bestaan na een reboot.
 • Op de computer van m'n zus zit het startpagina probleem.
  Ik heb het stappenplan doorgewerkt om hier vanaf te komen, dus ad-aware, spybot en shredder na elke
  behandeling fixen en rebooten.
  Toch blijft de startpagina "blazefind.com"
  Ook Hijack gedraaid en de tweede R0 regel laten fixen, doch na een reboot komt hij toch weer terug.
  Staat er nog meer vervuiling in onderstaande log file?
  Met dank voor de hulp.
  (Ik kan niet direct antwoorden op mogelijke reacties omdat ik daarvoor weer eerst naar m'n zus toe moet,
  maar antwoorden doe ik!)

  Logfile of HijackThis v1.98.0
  Scan saved at 16:29:33, on 12-7-2004
  Platform: Windows XP (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
  C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
  C:\WINDOWS\System32\dnetc.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
  C:\Program Files\Norton AntiVirus\navapsvc.exe
  C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Logitech\ImageStudio\LogiTray.exe
  C:\Program Files\D-Tools\daemon.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\WindUpdates\WinUpdt.exe
  C:\Program Files\WindUpdates\WinKA.exe
  C:\WINDOWS\System32\LVComS.exe
  C:\Program Files\Logitech\ImageStudio\LowLight.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Program Files\Norton AntiVirus\SAVScan.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\Program Files\Internet Explorer\IEXPLORE.EXE
  C:\temp\Hijack\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.blazefind.com/search_page.php?account_id=3004
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
  R3 - URLSearchHook: AutoSearch Class - {1E432263-6841-4653-8F02-366A2F77E339} - C:\PROGRA~1\WIACA5~1\WinSB1.DLL
  R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll
  O2 - BHO: (no name) - SOFTWARE - (no file)
  O2 - BHO: CSIECore Class - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\Lycos\IEagent\CSIE.DLL
  O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\bxxs5.dll
  O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\IEHelper.dll (file missing)
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: EventHandler Class - {9FB534E3-67CB-4307-AE0A-9E8B5581BE2C} - C:\PROGRA~1\WIACA5~1\WinSB1.DLL
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
  O3 - Toolbar: Windows Search Bar - {A1DD937D-71E1-4BB5-BD5D-1B01B9CB1C2F} - C:\PROGRA~1\WIACA5~1\WinSB1.DLL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hpppta.exe /ICON
  O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
  O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
  O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
  O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
  O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int139749.exe -auto
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun
  O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
  O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
  O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - Startup: iMesh.lnk = C:\Program Files\iMesh\Client\iMeshClient.exe
  O4 - Startup: PowerReg Scheduler V3.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O4 - Global Startup: PageKeeper Taken.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
  O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=ba9e5852dc980b986fee61c992c908c8c4aec16057356878cb33e09dd16b4cf022ee4f03b5e10bcc02ba107b27ceffe90e3fd70ec204a8ea059f9bce3429:7de6395213b713f896a76337b174f90e
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
  O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
  O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
 • kijk wel ff
 • uninstaleer eerst imesh bij software in het configuratiescherm.

  sluit alle vensters en run hjt opnieuw en fix de volgende items indien aanwezig:
  [list:0d5720e4f6]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.blazefind.com/search_page.php?account_id=3004
  R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll
  O2 - BHO: (no name) - SOFTWARE - (no file)
  O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\bxxs5.dll
  O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\IEHelper.dll (file missing)
  O2 - BHO: CSIECore Class - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\Lycos\IEagent\CSIE.DLL
  O2 - BHO: EventHandler Class - {9FB534E3-67CB-4307-AE0A-9E8B5581BE2C} - C:\PROGRA~1\WIACA5~1\WinSB1.DLL
  O3 - Toolbar: Windows Search Bar - {A1DD937D-71E1-4BB5-BD5D-1B01B9CB1C2F} - C:\PROGRA~1\WIACA5~1\WinSB1.DLL
  O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int139749.exe -auto
  O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun
  O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
  O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
  O4 - Startup: iMesh.lnk = C:\Program Files\iMesh\Client\iMeshClient.exe
  O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=ba9e5852dc980b986fee61c992c908c8c4aec16057356878cb33e09dd16b4cf022ee4f03b5e10bcc02ba107b27ceffe90e3fd70ec204a8ea059f9bce3429:7de6395213b713f896a76337b174f90e[/list:u:0d5720e4f6]

  daarna zorg je dat allle verborgen bestanden worden weergegeven en dan verwijder je de volgende items indien aanwezig:
  [list:0d5720e4f6]C:\Program Files\TV Media <— deze map
  C:\Program Files\WindUpdates <— deze map
  C:\WINDOWS\bxxs5.dll <— dit bestand
  C:\Program Files\websx <— deze map
  C:\PROGRA~1\WIACA5~1 <— deze map[/list:u:0d5720e4f6]

  daarna reboot je en meld je je met een nieuwe log\]


  ik heb er even een paar bij gezet waar ik overheen had gekeken :oops: (@ m@rc, heb ik ze nu allemaal gehad? en thnks dat je me waarschuwde)

  greetz dion
 • pcguy, bedankt alvast voor je reactie.

  Pas morgen kan ik een nieuwe log sturen.
  ik ga dan weer naar m'n zus.

  Je hoort van mij!
 • owja, ik lees het nu, nou dan zien we het morgen wel verder

  greetz
 • deze ook verwijderen:
  [b:a8e4df1ce2]R3 - URLSearchHook: AutoSearch Class - {1E432263-6841-4653-8F02-366A2F77E339} - C:\PROGRA~1\WIACA5~1\WinSB1.DLL[/b:a8e4df1ce2]
 • [hoofdtegendemuurbeuksmiley][img:95ca5f0b78]http://www.nbproducties.nl/smilies/kopstoter.gif[/img:95ca5f0b78]
 • AU!!!!!!
 • Bedankt ook voor de aanvullende reactie.

  Alles gefixt en daarna in veilige modus de mappen en het dll bestand verwijderd.
  De als laatst genoemde map (in de reactie van pcguy) "C:\PROGRA~1\WIACA5~1 heb ik nergens kunnen vinden, hoewel ik alle verborgen mappen en bestanden zichtbaar had staan.

  Hier volgt de nieuwe log en gaarne weer reactie a.u.b.

  Logfile of HijackThis v1.98.0
  Scan saved at 11:29:51, on 13-7-2004
  Platform: Windows XP (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
  C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
  C:\WINDOWS\System32\dnetc.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
  C:\Program Files\Norton AntiVirus\navapsvc.exe
  C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Logitech\ImageStudio\LogiTray.exe
  C:\Program Files\D-Tools\daemon.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\WINDOWS\System32\LVComS.exe
  C:\Program Files\Logitech\ImageStudio\LowLight.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Program Files\Norton AntiVirus\SAVScan.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\Program Files\Internet Explorer\IEXPLORE.EXE
  C:\temp\Hijack\HijackThis.exe

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
  O2 - BHO: CSIECore Class - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\Lycos\IEagent\CSIE.DLL
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hpppta.exe /ICON
  O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
  O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
  O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
  O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
  O4 - Startup: iMesh.lnk = C:\Program Files\iMesh\Client\iMeshClient.exe
  O4 - Startup: PowerReg Scheduler V3.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O4 - Global Startup: PageKeeper Taken.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
  O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
  O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
 • je hebt imesh nog niet verwijderd in software in het configuratiescherm? of wel? hij moet er igg af, het is wel een p2p programma maar het is ook rommel. (dat zijn bijna alle p2p progs)


  daarna nog een keer hijackthis runnen en deze fixen:
  [list:12e9ee34e6]O2 - BHO: CSIECore Class - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\Lycos\IEagent\CSIE.DLL
  O4 - Startup: iMesh.lnk = C:\Program Files\iMesh\Client\iMeshClient.exe [/list:u:12e9ee34e6]

  vervolgens gooi je de volgende mappen weg indien aanwezig:
  [list:12e9ee34e6]C:\PROGRA~1\Lycos\IEagent <— deze map
  C:\Program Files\iMesh <— deze map[/list:u:12e9ee34e6]

  en post voor de zekerheid weer een nieuwe log
 • Bedankt voor je reactie.

  In software komt het programma imesh niet voor!

  Zowel de O2 als de O 4 kunnen verwijderen.

  De 2 programma´s die je noemt komen bij de verkenner beslist niet voor, alle verborgen mappen en files staan op weergeven.

  Hier nu de nieuwe log.

  Logfile of HijackThis v1.98.0
  Scan saved at 14:56:43, on 13-7-2004
  Platform: Windows XP (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
  C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Logitech\ImageStudio\LogiTray.exe
  C:\Program Files\D-Tools\daemon.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\WINDOWS\System32\LVComS.exe
  C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
  C:\WINDOWS\System32\dnetc.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
  C:\Program Files\Norton AntiVirus\navapsvc.exe
  C:\Program Files\Logitech\ImageStudio\LowLight.exe
  C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\Program Files\Norton AntiVirus\SAVScan.exe
  C:\WINDOWS\System32\ctfmon.exe
  C:\temp\Hijack\HijackThis.exe

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hpppta.exe /ICON
  O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
  O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
  O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
  O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
  O4 - Startup: PowerReg Scheduler V3.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O4 - Global Startup: PageKeeper Taken.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
  O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
  O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
 • ik zal nog ff (noujah niet te ff dit keer) kijken

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.