Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

spyware search2.com

Anoniem
None
32 antwoorden
  • Hallo,
    ik heb een vervelende te pakken, ondanks adaware, spybot en cwsshredder blijf ik besmet. Bij opstarten wil m'n homepage veranderen in http://search2.com/passtrough/index.html. Ook blijft er een vervelende toolbar in IE. IE is ook erg traag geworden.
    hieonder m'n hjt log

    Logfile of HijackThis v1.97.7
    Scan saved at 12:11:47, on 28-7-2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    D:\Program Files\Norton Personal Firewall\NISUM.EXE
    D:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1
    opdb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsgSys.EXE
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    D:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    D:\Program Files\Logitech\iTouch\iTouch.exe
    D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    D:\Program Files\ClocX\ClocX.exe
    C:\WINDOWS\System32\ctfmon.exe
    D:\Program Files\Tweak-XP\blads.exe
    D:\Program Files\HistoryKill\histkill.exe
    C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    c:\progra~1\intern~1\iexplore.exe
    c:\progra~1\intern~1\iexplore.exe
    D:\Program Files\Logitech\iTouch\kbdtray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\HistoryKill\hkPopupKiller.exe
    C:\WINDOWS\System32\msiexec.exe
    F:\download04\hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scheldestad.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {C773DE51-3F2B-4C9B-A24C-D8989077BA7A} - C:\PROGRA~1\GRIMDO~1\web vga.exe
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] d:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [MessengerPlus2] C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [ClocX] D:\Program Files\ClocX\ClocX.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [insidetwo] C:\PROGRA~1\NURBEX~1\pile log book.exe
    O4 - HKLM\..\Run: [amenwipesurfplan] C:\Documents and Settings\All Users.WINDOWS\Application Data\For Readme Amen Wipe\OKAYTYPE.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BlockAds] D:\Program Files\Tweak-XP\blads.exe
    O4 - HKCU\..\Run: [HistoryKill] D:\Program Files\HistoryKill\histkill.exe /startup
    O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Search Using Copernic - D:\Program Files\Copernic 2001 Pro\Search Extension.htm
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra 'Tools' menuitem: Launch Copernic 2001 (HKLM)
    O9 - Extra button: Copernic (HKLM)
    O9 - Extra button: Research (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Translate Using Gist-In-Time (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
    ppdf32.dll
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37359.1655324074
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

  • Ik bliek wel even
  • Wat is deze? Weet jij daar iets van? [list:40e874a741][b:40e874a741]
    O4 - HKLM\..\Run: [insidetwo] C:\PROGRA~1\NURBEX~1\pile log book.exe[/b:40e874a741][/list:u:40e874a741]

    Verder lijkt het me schoon hoor, maar probeer msn plus eens te verwijderen en dan opnieuw te instaleren [b:40e874a741]zonder[/b:40e874a741] sponsor en post dan eens een nieuwe log.
  • In die nurbex dir staan de volgende bestanden:
    blchyppu.exe
    gagkddfe.exe
    Junk Cast Army.exe
    meal manager.exe
    pile log book.exe
    ze staan er sinds 26-7, en ik heb toen geen software geinstalleerd
  • Googlen en zoeken op www.vinden.nl levert niks bruikbaars op (meal manager.exe krijg je dieet dingen enzo :-?) Vraag als het een gezinspc is eens aan uw familie of iemand anders toevallig iets geinstaleerd heeft en kijk anders eens bij software in het configuratie scherm of er iets bij staat wat hiermee te maken kan hebben. Ik vind het nogal een vaag progje en ik kan het zelf ook niet thuisbrengen. (misschien Marc of Andre?)

    Heeft u al geprobeerd om msn plus eraf te gooien en opnieuw te instaleren met sponsor? Als het van uw kinderen of een andere huisgenoot is laat ze dan even meekijken zodat ze bij een eventuele update ook even het vinkje zo zetten dat hij zonder sponsor geinstaleerd word. :wink:

    Edit: nog een vraagje, kunt u met de nieuwe hijackthis scannen (versie 1.98.0 dus en niet 1.97.7) want die geeft net iets meer informatie.
  • [quote:72c4cda239="pcguy"]Wat is deze? Weet jij daar iets van? [list:72c4cda239][b:72c4cda239]
    O4 - HKLM\..\Run: [insidetwo] C:\PROGRA~1\NURBEX~1\pile log book.exe[/b:72c4cda239][/list:u:72c4cda239]
    [/quote:72c4cda239]

    Sleutel mag weg, net als de map NURBEX~1
  • Volgende mogen ook nog weg:

    O2 - BHO: (no name) - {C773DE51-3F2B-4C9B-A24C-D8989077BA7A} - C:\PROGRA~1\GRIMDO~1\web vga.exe
    O4 - HKLM\..\Run: [insidetwo] C:\PROGRA~1\NURBEX~1\pile log book.exe
  • alles uitgevoerd
    Toch vond spybot nog 115 coolwwwsearch entries
    problemen lijken nu opgelost.
    Ik kom nog wel diverse dirs tegen die ik niet kan thuisbrengen:
    Grimdownloadwipe
    C2Media
    SymNetDrv

    M'n nieuwe hjt log

    Logfile of HijackThis v1.98.0
    Scan saved at 11:40:46, on 29-7-2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    D:\Program Files\Norton Personal Firewall\NISUM.EXE
    D:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NavNT\defwatch.exe
    C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    D:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    D:\Program Files\Logitech\iTouch\iTouch.exe
    D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    D:\Program Files\ClocX\ClocX.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\System32\ctfmon.exe
    D:\Program Files\Tweak-XP\blads.exe
    D:\Program Files\HistoryKill\histkill.exe
    C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\PROGRA~1\NORTON~1\SPEEDD~1
    opdb.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Program Files\HistoryKill\hkPopupKiller.exe
    D:\Program Files\Logitech\iTouch\kbdtray.exe
    C:\WINDOWS\System32\MsgSys.EXE
    F:\download04\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scheldestad.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.urkolqbgewlspgiqxbacjicc.com/ScsCgm1Z8cgCIT7vaZweCMy24FdtIxN5NPjHCmu1rA/4gClnPVRj74vxxBFs32Yx.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] d:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [MessengerPlus2] C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [ClocX] D:\Program Files\ClocX\ClocX.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BlockAds] D:\Program Files\Tweak-XP\blads.exe
    O4 - HKCU\..\Run: [HistoryKill] D:\Program Files\HistoryKill\histkill.exe /startup
    O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Search Using Copernic - D:\Program Files\Copernic 2001 Pro\Search Extension.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra 'Tools' menuitem: Launch Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Translate - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra 'Tools' menuitem: &Translate Using Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
    ppdf32.dll
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

  • MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    hij mist ook nog enkele belangrijke updates
  • kijk wel even na die log :P
  • Looks clean to me :wink:

    edit 1: En luister naar sjouwer en breng een bezoekje aan windows update

    edit 2: Zijn je probs opgelost?
  • :evil: :evil: :(
    Helaas, nog steeds probs, die search2com wil weer opnieuw mijn homepage worden, die vervelende taakbalk is weer terug en ik krijg steeds de foutmelding dat IE wordt afgesloten terwijl het niet is opgestart.
    mijn hjt log maar weer :

    Logfile of HijackThis v1.98.0
    Scan saved at 12:50:55, on 2-8-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\Norton Personal Firewall\NISUM.EXE
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1
    opdb.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\WINDOWS\System32\MsgSys.EXE
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    D:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    D:\Program Files\Logitech\iTouch\iTouch.exe
    D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    D:\Program Files\ClocX\ClocX.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\WINDOWS\System32\ctfmon.exe
    D:\Program Files\Tweak-XP\blads.exe
    c:\progra~1\intern~1\iexplore.exe
    D:\Program Files\HistoryKill\histkill.exe
    C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    D:\Program Files\Logitech\iTouch\kbdtray.exe
    D:\Program Files\HistoryKill\hkPopupKiller.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    F:\download04\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scheldestad.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mzclvsmtxsyfuispveqf.biz/ScsCgm1Z8cgCIT7vaZweCMy24FdtIxN5NPjHCmu1rA/CMlbLmVn7t4vxxBFs32Yx.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {C773DE51-3F2B-4C9B-A24C-D8989077BA7A} - C:\PROGRA~1\GRIMDO~1\web vga.exe
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] d:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [MessengerPlus2] C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [ClocX] D:\Program Files\ClocX\ClocX.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [insidetwo] C:\PROGRA~1\NURBEX~1\pile log book.exe
    O4 - HKLM\..\Run: [amenwipesurfplan] C:\Documents and Settings\All Users.WINDOWS\Application Data\For Readme Amen Wipe\Daleonce.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BlockAds] D:\Program Files\Tweak-XP\blads.exe
    O4 - HKCU\..\Run: [HistoryKill] D:\Program Files\HistoryKill\histkill.exe /startup
    O4 - HKCU\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Search Using Copernic - D:\Program Files\Copernic 2001 Pro\Search Extension.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra 'Tools' menuitem: Launch Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Translate - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra 'Tools' menuitem: &Translate Using Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
    ppdf32.dll
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

    zouden deze regels de boosdoeners kunnen zijn?
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mzclvsmtxsyfuispveqf.biz/ScsCgm1Z8cgCIT7vaZweCMy24FdtIxN5NPjHCmu1rA/CMlbLmVn7t4vxxBFs32Yx.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    Ook deze dir hoort niet in C:/program files:
    nurb extra find de inhoud is identiek aan die nurbex die ik eerder heb verwijderd in de veilige modus

    graag nogmaals jullie advies

  • Edit: voordat je gaat fixen: uninstall msn plus (ik verdenk hem een beetje). Je kan hem als de pc clean is terug zetten (zonder sponsor zoals eerder vertelt)

    Deze had je al goed gevonden en mag je laten fixen:[list:ae5bba53bb][b:ae5bba53bb]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mzclvsmtxsyfuispveqf.biz/ScsCgm1Z8cgCIT7vaZweCMy24FdtIxN5NPjHCmu1rA/CMlbLmVn7t4vxxBFs32Yx.html [/b:ae5bba53bb][/list:u:ae5bba53bb]

    en dit mag je ook laten fixen:
    [list:ae5bba53bb][b:ae5bba53bb]O2 - BHO: (no name) - {C773DE51-3F2B-4C9B-A24C-D8989077BA7A} - C:\PROGRA~1\GRIMDO~1\web vga.exe
    O4 - HKLM\..\Run: [insidetwo] C:\PROGRA~1\NURBEX~1\pile log book.exe[/b:ae5bba53bb][/list:u:ae5bba53bb]

    Dan de volgende items in veilige modus met alle bestanden weergeven aan weggooien:
    [list:ae5bba53bb][b:ae5bba53bb]C:\PROGRA~1\GRIMDO~1
    C:\PROGRA~1\NURBEX~1[/b:ae5bba53bb][/list:u:ae5bba53bb]

    dan rebooten en een nieuwe log posten.
  • Ik ben naast
    C:\PROGRA~1\GRIMDO~1
    C:\PROGRA~1\NURBEX~1
    ook nog
    C:\PROGRA~1\180 solutions
    C:\PROGRA~1\180 sol
    C:\PROGRA~1
    Case
    in de veilige modus verwijderd, en MSN er ook helemaal afgegooid.
    Toch kom ik MSN in onderstaande log nog tegen

    Mijn nieuwe hjt log

    Logfile of HijackThis v1.98.0
    Scan saved at 14:43:54, on 5-8-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\Norton Personal Firewall\NISUM.EXE
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1
    opdb.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\WINDOWS\System32\MsgSys.EXE
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    D:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    D:\Program Files\Logitech\iTouch\iTouch.exe
    D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    D:\Program Files\ClocX\ClocX.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    C:\WINDOWS\System32\ctfmon.exe
    D:\Program Files\Tweak-XP\blads.exe
    D:\Program Files\HistoryKill\histkill.exe
    C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    c:\progra~1\intern~1\iexplore.exe
    D:\Program Files\HistoryKill\hkPopupKiller.exe
    D:\Program Files\Logitech\iTouch\kbdtray.exe
    F:\download04\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scheldestad.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] d:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [MessengerPlus2] C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [ClocX] D:\Program Files\ClocX\ClocX.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [amenwipesurfplan] C:\Documents and Settings\All Users.WINDOWS\Application Data\For Readme Amen Wipe\Daleonce.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BlockAds] D:\Program Files\Tweak-XP\blads.exe
    O4 - HKCU\..\Run: [HistoryKill] D:\Program Files\HistoryKill\histkill.exe /startup
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Search Using Copernic - D:\Program Files\Copernic 2001 Pro\Search Extension.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra 'Tools' menuitem: Launch Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Translate - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra 'Tools' menuitem: &Translate Using Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
    ppdf32.dll
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab


  • Bij afwezigheid van Pcguy kijk ik er wel even naar.

    [edit]
    Hijackthis versie is niet de laatste, graag een log met deze:
    http://computercops.biz/downloads-file-328.html
  • Oké hier met de nieuwste hjt

    Logfile of HijackThis v1.98.1
    Scan saved at 19:02:40, on 5-8-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\Norton Personal Firewall\NISUM.EXE
    C:\Program Files\NavNT\rtvscan.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1
    opdb.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\WINDOWS\System32\MsgSys.EXE
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    D:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    D:\Program Files\Logitech\iTouch\iTouch.exe
    D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    D:\Program Files\ClocX\ClocX.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    C:\WINDOWS\System32\ctfmon.exe
    D:\Program Files\Tweak-XP\blads.exe
    D:\Program Files\HistoryKill\histkill.exe
    C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    c:\progra~1\intern~1\iexplore.exe
    D:\Program Files\Logitech\iTouch\kbdtray.exe
    D:\Program Files\HistoryKill\hkPopupKiller.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    F:\download04\hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.scheldestad.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "d:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "d:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] d:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] d:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [MessengerPlus2] C:\Documents and Settings\Vincent.JWV\Application Data\Messenger Plus! 3\MsgPlus.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [ClocX] D:\Program Files\ClocX\ClocX.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [amenwipesurfplan] C:\Documents and Settings\All Users.WINDOWS\Application Data\For Readme Amen Wipe\Daleonce.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [BlockAds] D:\Program Files\Tweak-XP\blads.exe
    O4 - HKCU\..\Run: [HistoryKill] D:\Program Files\HistoryKill\histkill.exe /startup
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Search Using Copernic - D:\Program Files\Copernic 2001 Pro\Search Extension.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra 'Tools' menuitem: Launch Copernic 2001 - {2A465934-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - D:\Program Files\Copernic 2001 Pro\Copernic.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Translate - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra 'Tools' menuitem: &Translate Using Gist-In-Time - {99EFB53C-C965-43CF-9F45-52242D134187} - file://D:\Program Files\Copernic 2001 Pro\Translate.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
    ppdf32.dll
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

    :evil: Ik heb nog steeds/opnieuw die vervelende searchbar waarvan de homepage http://lop.com is.

    kan niemand dan iets doen tegen deze bedrijven, hun website verzieken of zo.

  • Komt goed…ga ermee aan de slag. ;)
  • Rieske is op dit moment offline zo te zien, ik zal wel ff kijken (sorry Rieske als het niet had gemogen)
  • D:\Program Files\ClocX\ClocX.exe
  • Online en alive hoor…ook al zie je me niet. ;)

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.