SSL-certificaat van Xolphin Powered by Cloud VPS - High Availability Cloud Servers Steun Nucia, doneer!
Resultaten 1 tot 5 van de 5
  1. #1

    Post mywebsearch - lop.com

    Bij deze het log van de werkbalk van MyWebSearch of Lop.Com die steeds terugkomt. Het verwijderen van MSN+ is niet genoeg gebleken. Balken blijven terugkomen en zijn niet te verwijderen.
    Graag jullie hulp.

    Fam. Brand

    Logfile of HijackThis v1.99.0
    Scan saved at 21:08:17, on 24-1-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\apvxdwin.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\HJT\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.paradigit.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {3BC04DF1-F16C-C1C5-D480-E778A5AD3B71} - C:\DOCUME~1\Yvonne\APPLIC~1\ProcLove\poll eggs.exe
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O3 - Toolbar: SuperBar - {A6BE4905-6EFB-47D2-9039-1711F4C135EB} - C:\Program Files\_SUPERBAR\_SUPERBAR.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [jenkn] C:\WINDOWS\jenkn.exe
    O4 - HKLM\..\Run: [ibwterep] C:\WINDOWS\ibwterep.exe
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [morebodyantecool] C:\Documents and Settings\All Users\Application Data\Dentatommorebody\itch second.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1828B146-FC2C-42DA-A862-94A5914DC7B6}: NameServer = 195.241.48.33 195.241.49.33
    O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Panda Process Protection Service - Unknown - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service - Unknown - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Panda IManager Service - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

  2. #2
    Erelid Schermafbeelding van Buffy
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 Pro 64
    Firewall
    Berichten
    13.965
    Hoi,


    1. Scan met HijackThis en vink de volgende items aan:

    R3 - Default URLSearchHook is missing

    O2 - BHO: (no name) - {3BC04DF1-F16C-C1C5-D480-E778A5AD3B71} - C:\DOCUME~1\Yvonne\APPLIC~1\ProcLove\poll eggs.exe

    O3 - Toolbar: SuperBar - {A6BE4905-6EFB-47D2-9039-1711F4C135EB} - C:\Program Files\_SUPERBAR\_SUPERBAR.dll (file missing)

    O4 - HKLM\..\Run: [jenkn] C:\WINDOWS\jenkn.exe
    O4 - HKLM\..\Run: [ibwterep] C:\WINDOWS\ibwterep.exe

    O4 - HKLM\..\Run: [morebodyantecool] C:\Documents and Settings\All Users\Application Data\Dentatommorebody\itch second.exe
    Sluit alle vensters behalve HijackThis zelf en klik op "Fix checked".

    2. Herstart de pc in veilige modus.
    Mocht je niet weten hoe dat moet, kijk dan hier even: http://users.telenet.be/marcvn/spyware/1378056.htm

    Zorg ervoor dat verborgen bestanden en mappen worden weergegeven.
    Hier kun je lezen hoe dat moet: http://users.telenet.be/marcvn/spyware/1117602.htm

    Verwijder nu, in veilige modus dus, de volgende twee mappen:

    C:\Documents and Settings\All Users\Application Data\Dentatommorebody <- die map

    C:\Documents and Settings\Yvonne\Application Data\ProcLove <- die map

    3. Herstart de pc in 'normale modus'.

    4. Maak een nieuw log en plaats dat hier.

  3. #3
    Hallo,

    Instructies opgevolgd en hier is het nieuwe log.

    Fam. Brand

    Logfile of HijackThis v1.99.0
    Scan saved at 21:38:26, on 24-1-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\HJT\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.paradigit.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1828B146-FC2C-42DA-A862-94A5914DC7B6}: NameServer = 195.241.48.33 195.241.49.33
    O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Panda Process Protection Service - Unknown - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service - Unknown - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Panda IManager Service - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

  4. #4
    Erelid Schermafbeelding van Buffy
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 8 Pro 64
    Firewall
    Berichten
    13.965
    Ziet er goed uit. Zijn de problemen er nu nog?

  5. #5

    werkbalk foetsie

    De werkbalk is op dit moment vertrokken. Ik hoop van harte dat dit ook zo blijft. Heel veel dank.

    Fam. Brand

Forum Rechten

  • Je mag geen nieuwe onderwerpen plaatsen
  • Je mag geen reacties plaatsen
  • Je mag geen bijlagen toevoegen
  • Je mag jouw berichten niet wijzigen