Vraag & Antwoord

Beveiliging & privacy

Rare startpagina

Anoniem
M@rc
1 antwoord
  • Beste mensen,

    mijn startpagina kan niet meer veranderd worden, hij veranderd steeds terug in; [b:db582fb265]file:///C:/Program%20Files/eMakeSV/Portal/portal.html[/b:db582fb265].

    [code:1:db582fb265]Logfile of HijackThis v1.99.1
    Scan saved at 16:10:11, on 5-7-05
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
    C:\PROGRAM FILES\ROXIO\GOBACK\GBPOLL.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\ATITASK.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    D:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
    C:\WINDOWS\SYSTEM\MDM.EXE
    C:\PROGRAM FILES\WINAMP\WINAMP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\MDM.EXE
    D:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    http://g.msn.be/0SENLBE/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    file:///C:/Program%20Files/eMakeSV/Portal/portal.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    http://www.tiscali.be
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program
    Files\Copernic 2000\Search Bar.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina =
    file:///C:/Program%20Files/eMakeSV/Portal/portal.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL
    = http://pac.telenet.be:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {C12B4EC1-1F65-11D3-91CA-00104B9C4765} - (no
    file)
    O1 - Hosts: 64.233.167.104 www.sophos.com
    O1 - Hosts: 64.233.167.104 www.mcafee.com
    O1 - Hosts: 64.233.167.104 www.viruslist.com
    O1 - Hosts: 64.233.167.104 www.f-secure.com
    O1 - Hosts: 64.233.167.104 www.avp.com
    O1 - Hosts: 64.233.167.104 www.kaspersky.com
    O1 - Hosts: 64.233.167.104 www.networkassociates.com
    O1 - Hosts: 64.233.167.104 www.ca.com
    O1 - Hosts: 64.233.167.104 www.my-etrust.com
    O1 - Hosts: 64.233.167.104 www.nai.com
    O1 - Hosts: 64.233.167.104 www.trendmicro.com
    O1 - Hosts: 64.233.167.104 www.grisoft.com
    O1 - Hosts: 64.233.167.104 sophos.com
    O1 - Hosts: 64.233.167.104 mcafee.com
    O1 - Hosts: 64.233.167.104 viruslist.com
    O1 - Hosts: 64.233.167.104 f-secure.com
    O1 - Hosts: 64.233.167.104 kaspersky.com
    O1 - Hosts: 64.233.167.104 kaspersky-labs.com
    O1 - Hosts: 64.233.167.104 avp.com
    O1 - Hosts: 64.233.167.104 networkassociates.com
    O1 - Hosts: 64.233.167.104 ca.com
    O1 - Hosts: 64.233.167.104 mast.mcafee.com
    O1 - Hosts: 64.233.167.104 my-etrust.com
    O1 - Hosts: 64.233.167.104 download.mcafee.com
    O1 - Hosts: 64.233.167.104 dispatch.mcafee.com
    O1 - Hosts: 64.233.167.104 secure.nai.com
    O1 - Hosts: 64.233.167.104 nai.com
    O1 - Hosts: 64.233.167.104 us.mcafee.com
    O1 - Hosts: 64.233.167.104 rads.mcafee.com
    O1 - Hosts: 64.233.167.104 trendmicro.com
    O1 - Hosts: 64.233.167.104 grisoft.com
    O1 - Hosts: 64.233.167.104 sandbox.norman.no
    O1 - Hosts: 64.233.167.104 www.pandasoftware.com
    O1 - Hosts: 64.233.167.104 uk.trendmicro-europe.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\PROGRAM FILES\ADOBE\ACROBAT
    5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: IEHlprObj Class - {CA8C8CF8-6B66-88D8-ABED-709549C10000} -
    C:\WINDOWS\SYSTEM\IEVIEW~1.DLL
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
    C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} -
    C:\WINDOWS\SYSTEM\IEHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
    C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Atikey] Atitask.exe
    O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [Adaptec DirectCD]
    C:\PROGRA~1\CD-WRI~1\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton
    Utilities\NPROTECT.EXE
    O4 - HKLM\..\Run: [ATI Scheduler] C:\ATI\ATIDESK\ATISched.EXE
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec
    Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check]
    C:\PROGRA~1\NORTON~2\ADVTOOLS\ADVCHK.EXE
    O4 - HKLM\..\Run: [QD FastAndSafe] C:\PROGRAM FILES\NORTON
    SYSTEMWORKS\NORTON CLEANSWEEP\QDCSFS.exe /scheduler
    O4 - HKLM\..\Run: [ativopen] C:\WINDOWS\SYSTEM\ATIVOPEN.EXE
    O4 - HKLM\..\Run: [avnort] C:\WINDOWS\SYSTEM\formatsys.exe
    O4 - HKLM\..\Run: [serpe] C:\WINDOWS\SYSTEM\serbw.exe
    O4 - HKLM\..\Run: [ltwob] C:\WINDOWS\SYSTEM\formatsys.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
    C:\PROGRA~1\SYMNET~1\SNDMON.EXE
    O4 - HKLM\..\Run: [eMakeSV] C:\WINDOWS\SYSTEM\EMAKESV.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
    powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [CSINJECT.EXE] c:\Program Files\Norton
    SystemWorks\Norton CleanSweep\CSINJECT.EXE
    O4 - HKLM\..\RunServices: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton
    Utilities\NPROTECT.EXE
    O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] c:\Program Files\Common
    Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
    O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program
    Files\Roxio\GoBack\GBPoll.exe
    O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec
    Shared\ccEvtMgr.exe"
    O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec
    Shared\Script Blocking\SBServ.exe" -reg
    O4 - HKLM\..\RunServices: [Machine Debug Manager]
    C:\WINDOWS\SYSTEM\MDM.EXE
    O4 - HKLM\..\RunServices: [avnort] C:\WINDOWS\SYSTEM\formatsys.exe
    O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\SYSTEM\serbw.exe
    O4 - HKLM\..\RunServices: [ltwob] C:\WINDOWS\SYSTEM\formatsys.exe
    O4 - HKCU\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
    O4 - Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O8 - Extra context menu item: Search Using Copernic - file://C:\Program Files\Copernic
    2000\Search Extension.htm
    O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program
    Files\Copernic 2000\Copernic.exe (file missing)
    O9 - Extra 'Tools' menuitem: Launch Copernic -
    {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic
    2000\Copernic.exe (file missing)
    O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\Program
    Files\Copernic 2000\Copernic.exe (file missing)
    O9 - Extra button: popup - {B17DB9D4-F9F1-4566-B46B-87503D771F75} - C:\Program
    Files\Popup Preventer\Popup.exe
    O9 - Extra 'Tools' menuitem: &Popup - {B17DB9D4-F9F1-4566-B46B-87503D771F75} -
    C:\Program Files\Popup Preventer\Popup.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O9 - Extra 'Tools' menuitem: Sun Java Console -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.be
    O16 - DPF: Win32 Classes - file://c:\windows\Java\classes\win32ie4.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry
    Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
    - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
    http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) -
    http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.c
    ab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
    http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {B77F4487-9ABE-11D5-AFDD-00500460AA49} (Brainlane Lingu@Tor
    ActiveX) - http://downloads.woltersplantyn.be/licenses/plugins/linguatoractivex.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) -
    http://www5.incredimail.com/contents/setup/downloader_sp1/imloader.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) -
    http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Install
    er.exe[/code:1:db582fb265]

    Mvg

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.