Mededeling

Collapse
No announcement yet.

Ej jp'tje hier is het dan

Collapse
X
Collapse
  •  
  • Page of 2
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige 1 2 template Volgende
  • #1

    Ej jp'tje hier is het dan

    Logfile of HijackThis v1.98.2
    Scan saved at 10:45:20, on 27-9-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SeeStorm\SSM\SSMtray.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\r_server.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\r_server.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Do***ents and Settings\Eigenaar\Bureaublad\Rommel\HijackThis.exe

    R3 - Default URLSearchHook is missing
    O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
    Labels: Geen
    • Citaat
  • #2
    Hoi Mike,

    Zelf al lopen fixen?

    Ga naar HijackThis - Config - Backups, selecteer daar alles en klik op Restore.

    Start opnieuw op, maak een nieuw logje aan, en post dat hier.
    • Citaat

    Comment

    • #3
      Hoe kan ik alles in 1 keer selecteren?
      [aaw6]
      • Citaat

      Comment

      • #4
        Je zult ze helaas stuk voor stuk moeten terug zetten....
        • Citaat

        Comment

        • #5
          Logfile of HijackThis v1.98.2
          Scan saved at 11:02:43, on 27-9-2004
          Platform: Windows XP SP1 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
          C:\WINDOWS\system32\spoolsv.exe
          c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
          C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
          C:\Program Files\Messenger\msmsgs.exe
          C:\Program Files\SeeStorm\SSM\SSMtray.exe
          C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
          c:\Program Files\Norton AntiVirus\navapsvc.exe
          C:\WINDOWS\System32\r_server.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\MSN Messenger\msnmsgr.exe
          C:\Program Files\Outlook Express\msimn.exe
          C:\WINDOWS\System32\ctfmon.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Do***ents and Settings\Eigenaar\Bureaublad\Rommel\HijackThis.exe

          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.harfsen.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.etrade.nl
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com
          R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html
          R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com
          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com
          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://81.211.105.43/index.php?v=5
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          R3 - URLSearchHook: (no name) - - (no file)
          R3 - URLSearchHook: HyperSearchHook - {A80DA701-2803-4346-AECB-1BB2F95DA444} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll
          O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
          O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DO***E~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll (file missing)
          O2 - BHO: HyperBHO - {4B2F5308-2CB0-40E2-8030-59936ED5D22C} - C:\Program Files\Common Files\Hyperbar\Hyperbar.dll
          O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
          O2 - BHO: C:\WINDOWS\lbbho.dll - {72C7E1CE-0F81-4883-A441-81C85596382A} - C:\WINDOWS\lbbho.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
          O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
          O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
          O2 - BHO: Core Library - {E9C1FD9A-46B0-4185-84ED-E2F8ACD4A262} - C:\WINDOWS\System32\KDP448e.dll
          O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
          O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
          O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
          O4 - HKLM\..\Run: [System] C:\WINDOWS\systray.exe
          O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
          O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
          O4 - HKLM\..\Run: [moehkwvpb] C:\WINDOWS\System32\wrrfcxaz.exe
          O4 - HKLM\..\Run: [ShowShifter TVTV EPG Daemon] "C:\Program Files\Home Media Networks Limited\ShowShifter\TVTVD.exe"
          O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s C:\WINDOWS\System32\KDP448e.dll
          O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
          O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
          O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
          O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
          O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
          O4 - HKCU\..\Run: [CDFoon System-Tray] C:\cdfoon\cdftray.exe
          O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
          O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
          O4 - HKCU\..\Run: [Tweak-XP Pro] "C:\Program Files\Tweak-XP Pro 3\autostart.exe"
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
          O4 - Global Startup: SeeStorm Messenger.lnk = C:\Program Files\SeeStorm\SSM\SSMtray.exe
          O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
          O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
          O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
          O8 - Extra context menu item: Backward Links - res://c:\program files\google\googletoolbar1.dll/cmbacklinks.html
          O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
          O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\googletoolbar1.dll/cmcache.html
          O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
          O8 - Extra context menu item: Similar Pages - res://c:\program files\google\googletoolbar1.dll/cmsimilar.html
          O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
          O8 - Extra context menu item: Use as &Display Picture - C:\Program Files\IEDP2\IEDP.htm
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta
          O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
          O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
          O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npvmidi.dll
          O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
          O14 - IERESET.INF: START_PAGE_URL=http://www.etrade.nl
          O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
          O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=168d3f0c8f5ebbd0d83ee5445ae40e55469aa3fdaf24dd3540c41ee1ea302c2d59104a57d59aa8b aedc40580da1dd4eb01d54f:eeba47ee03d937f4aaa2edc6fc4885a4
          O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
          O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
          O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
          O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
          O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
          O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab
          O16 - DPF: {A676963B-6856-4F1D-8E16-AB393310B39B} (Download Control) - http://www.d9x.net/Redist/dnactivex.cab
          O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/roing.cab
          O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
          O16 - DPF: {F9DEAB0B-FF3E-4D99-8698-9B535D164256} (Vacpro.netherland_ver2_new) - http://www.7adpower.com/dialer/netherland_ver2_new.CAB
          Last edited by Mike; 19-09-04, 10:03.
          • Citaat

          Comment

          • #6
            Download, update en draai de volgende programma's, het is aangeraden tussen elk programma even opnieuw op te starten.
            - CWShredder
            >> gebruik de FIX knop (dus NIET de Scan knop). Verwijder alles wat CWShredder vindt.

            - Ad Aware SE
            >> zorg ervoor dat je eerst op "Check for Updates" klikt en daarna op "Connect" om de updates binnen te halen. Klik hierna op "Next", en dan op "Full System Scan".

            - Spybot S&D
            >> Update het door op "Search for Updates" te klikken, en waneer er updates beschikbaar zijn op "Download updates". Klik hierna op "Search & Destroy". Verwijder na de scan ALLEEN de RODE entries (die zijn standaard al aangevinkt).

            - CleanUp!
            >> Spreekt voor zich, installeren en draaien. Klik op de knop "CleanUp!" om al je tijdelijke mappen te legen.

            - Start hierna opnieuw op, maak een nieuw logje aan en post dat hier
            Last edited by [email protected]; 19-09-04, 10:22. Reden: Kleurtjes aangepast...
            • Citaat

            Comment

            • #7
              HOi
              telkens als ik nu een link aanklik loopt internet vast?
              • Citaat

              Comment

              • #8
                Logfile of HijackThis v1.98.2
                Scan saved at 11:47:37, on 27-9-2004
                Platform: Windows XP SP1 (WinNT 5.01.2600)
                MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

                Running processes:
                C:\WINDOWS\System32\smss.exe
                C:\WINDOWS\system32\winlogon.exe
                C:\WINDOWS\system32\services.exe
                C:\WINDOWS\system32\lsass.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\System32\svchost.exe
                C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
                C:\WINDOWS\system32\spoolsv.exe
                c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                c:\Program Files\Norton AntiVirus\navapsvc.exe
                C:\WINDOWS\System32\r_server.exe
                C:\WINDOWS\System32\svchost.exe
                C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
                C:\WINDOWS\Explorer.EXE
                C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
                C:\WINDOWS\systray.exe
                C:\Program Files\Messenger Plus! 3\MsgPlus.exe
                C:\HP\KBD\KBD.EXE
                C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
                C:\cdfoon\cdftray.exe
                C:\WINDOWS\System32\ctfmon.exe
                C:\Program Files\Messenger\msmsgs.exe
                C:\Program Files\SeeStorm\SSM\SSMtray.exe
                C:\Program Files\MSN Messenger\msnmsgr.exe
                C:\Program Files\Internet Explorer\iexplore.exe
                C:\Program Files\Internet Explorer\IEXPLORE.EXE
                C:\Documents and Settings\Eigenaar\Bureaublad\Rommel\HijackThis.exe

                R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html
                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.harfsen.nl/
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.etrade.nl
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com
                R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com
                R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html
                R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com
                R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com
                R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
                R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                R3 - URLSearchHook: (no name) - - (no file)
                R3 - URLSearchHook: HyperSearchHook - {A80DA701-2803-4346-AECB-1BB2F95DA444} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll
                O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                O2 - BHO: HyperBHO - {4B2F5308-2CB0-40E2-8030-59936ED5D22C} - C:\Program Files\Common Files\Hyperbar\Hyperbar.dll
                O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
                O2 - BHO: C:\WINDOWS\lbbho.dll - {72C7E1CE-0F81-4883-A441-81C85596382A} - C:\WINDOWS\lbbho.dll
                O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
                O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
                O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
                O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
                O4 - HKLM\..\Run: [System] C:\WINDOWS\systray.exe
                O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
                O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
                O4 - HKLM\..\Run: [ShowShifter TVTV EPG Daemon] "C:\Program Files\Home Media Networks Limited\ShowShifter\TVTVD.exe"
                O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s C:\WINDOWS\System32\KDP448e.dll
                O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
                O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
                O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
                O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
                O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
                O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
                O4 - HKCU\..\Run: [CDFoon System-Tray] C:\cdfoon\cdftray.exe
                O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
                O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
                O4 - HKCU\..\Run: [Tweak-XP Pro] "C:\Program Files\Tweak-XP Pro 3\autostart.exe"
                O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
                O4 - Global Startup: SeeStorm Messenger.lnk = C:\Program Files\SeeStorm\SSM\SSMtray.exe
                O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
                O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
                O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
                O8 - Extra context menu item: Backward Links - res://c:\program files\google\googletoolbar1.dll/cmbacklinks.html
                O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
                O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\googletoolbar1.dll/cmcache.html
                O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
                O8 - Extra context menu item: Similar Pages - res://c:\program files\google\googletoolbar1.dll/cmsimilar.html
                O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
                O8 - Extra context menu item: Use as &Display Picture - C:\Program Files\IEDP2\IEDP.htm
                O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
                O9 - Extra button: Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta
                O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta
                O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
                O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
                O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
                O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npvmidi.dll
                O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
                O14 - IERESET.INF: START_PAGE_URL=http://www.etrade.nl
                O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
                O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=168d3f0c8f5ebbd0d83ee5445ae40e55469aa3fdaf24dd3540c41ee1ea302c2d59104a57d59aa8b aedc40580da1dd4eb01d54f:eeba47ee03d937f4aaa2edc6fc4885a4
                O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
                O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
                O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
                O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
                O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab
                O16 - DPF: {A676963B-6856-4F1D-8E16-AB393310B39B} (Download Control) - http://www.d9x.net/Redist/dnactivex.cab
                O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
                O16 - DPF: {F9DEAB0B-FF3E-4D99-8698-9B535D164256} (Vacpro.netherland_ver2_new) - http://www.7adpower.com/dialer/netherland_ver2_new.CAB

                • Citaat

                Comment

                • #9
                  Hoi Mike,

                  Probeer deze programma's op een andere - werkende - PC te downloaden, deze te installeren op je eigen PC, en deze te draaien.
                  • Citaat

                  Comment

                  • #10
                    Werken ze niet dan?
                    • Citaat

                    Comment

                    • #11
                      Oorspronkelijk geplaatst door Mike
                      Werken ze niet dan?
                      Sorry, ik dacht dat je met je bericht voor je laatste logje hier bedoelde dat je, als je op die links klikte, een foutmelding kreeg en die programma's dus niet kon downloaden/gebruiken. Ik zal nu naar je logje kijken
                      • Citaat

                      Comment

                      • #12
                        Hoi Mike

                        Volg deze instructies nauwgezet op...

                        1. Ga naar Start - Configuratiescherm - Software, en de-installeer:
                        - SPyware Begone << slecht programma: http://www.spywarewarrior.com/rogue_anti-spyware.htm

                        2. Download http://www.downloads.subratam.org/AboutBuster.zip, maar draai dit nog niet.

                        3. Vink onderstaande aan in HijackThis, sluit alle andere vensters en browsers, en klik op Fix Checked.

                        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com
                        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com
                        R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html
                        R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com
                        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com
                        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com

                        R3 - URLSearchHook: (no name) - - (no file)
                        R3 - URLSearchHook: HyperSearchHook - {A80DA701-2803-4346-AECB-1BB2F95DA444} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll

                        O2 - BHO: HyperBHO - {4B2F5308-2CB0-40E2-8030-59936ED5D22C} - C:\Program Files\Common Files\Hyperbar\Hyperbar.dll
                        O2 - BHO: C:\WINDOWS\lbbho.dll - {72C7E1CE-0F81-4883-A441-81C85596382A} - C:\WINDOWS\lbbho.dll

                        O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
                        O4 - HKLM\..\Run: [System] C:\WINDOWS\systray.exe
                        O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s C:\WINDOWS\System32\KDP448e.dll
                        O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan

                        O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...a2edc6fc4885a4
                        O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
                        O16 - DPF: {F9DEAB0B-FF3E-4D99-8698-9B535D164256} (Vacpro.netherland_ver2_new) - http://www.7adpower.com/dialer/netherland_ver2_new.CAB

                        3. Draai nu About:Buster:
                        - Klik op "Update" om te kijken of er updates zijn.
                        - Klik nu op "Start"
                        - Sluit alle andere vensters en browsers (behalve About:Buster dus)
                        - Klik op "OK" om de scan te beginnen.
                        - Wanneer de scan klaar is, klik je op "Save Log". Voeg dit bij je volgende antwoord hier.
                        - Wanneer het vraagt het voor een 2de keer te draaien, kies je "Ja" of "Yes".
                        - Wanneer de scan klaar is, klik je tweemaal op "Exit"

                        4. Start opnieuw op in veilige modus door diverse malen op F8 te drukken tijdens de opstart.
                        Zorg ervoor dat verborgen bestanden en mappen zichtbaar zijn: Verkenner > Extra > Mapopties > Tablad Weergave > scroll naar beneden en vink het vakje voor "Verborgen bestanden en mappen weergeven" aan.

                        5. Verwijder, in veilige modus:
                        Mappen
                        C:\Program Files\Common Files\Hyperbar
                        c:\freescan
                        C:\WINDOWS\System32\P2P Networking

                        Bestanden
                        C:\WINDOWS\System32\KDP448e.dll
                        C:\WINDOWS\systray.exe << alleen het bestand uit C:\Windows, en dus NIET uit C:\Windows\system !!!

                        6. Start opnieuw op in normale modus, maak een nieuw logje aan met HijackThis, en post dat hier, inclusief het About:Buster logje
                        • Citaat

                        Comment

                        • #13
                          Logfile of HijackThis v1.98.2
                          Scan saved at 20:26:57, on 28-9-2004
                          Platform: Windows XP SP1 (WinNT 5.01.2600)
                          MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

                          Running processes:
                          C:\WINDOWS\System32\smss.exe
                          C:\WINDOWS\system32\winlogon.exe
                          C:\WINDOWS\system32\services.exe
                          C:\WINDOWS\system32\lsass.exe
                          C:\WINDOWS\system32\svchost.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
                          C:\WINDOWS\system32\spoolsv.exe
                          c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                          C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                          c:\Program Files\Norton AntiVirus\navapsvc.exe
                          C:\WINDOWS\System32\r_server.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
                          C:\WINDOWS\Explorer.EXE
                          C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
                          C:\Documents and Settings\Eigenaar\Sjablonen\services.exe
                          C:\Program Files\Messenger\msmsgs.exe
                          C:\Program Files\MSN Messenger\msnmsgr.exe
                          C:\Program Files\Outlook Express\msimn.exe
                          C:\Program Files\Internet Explorer\iexplore.exe
                          C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
                          C:\Program Files\SmartFTP\SmartFTP.exe
                          C:\Documents and Settings\Eigenaar\Bureaublad\Rommel\HijackThis.exe

                          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html
                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.harfsen.nl/
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.etrade.nl
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com
                          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com
                          R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com
                          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com
                          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
                          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                          R3 - URLSearchHook: (no name) - - (no file)
                          R3 - URLSearchHook: HyperSearchHook - {A80DA701-2803-4346-AECB-1BB2F95DA444} - C:\Program Files\Common Files\Hyperbar\HyperbarSS3.dll
                          O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
                          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                          O2 - BHO: HyperBHO - {4B2F5308-2CB0-40E2-8030-59936ED5D22C} - C:\Program Files\Common Files\Hyperbar\Hyperbar.dll
                          O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
                          O2 - BHO: C:\WINDOWS\lbbho.dll - {72C7E1CE-0F81-4883-A441-81C85596382A} - C:\WINDOWS\lbbho.dll
                          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                          O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
                          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                          O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
                          O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
                          O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
                          O4 - HKLM\..\Run: [Services Logon] C:\Program Files\Common Files\services.exe
                          O4 - HKLM\..\Run: [System] C:\WINDOWS\systray.exe
                          O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
                          O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
                          O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
                          O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
                          O4 - HKLM\..\Run: [Kazaa Download Accelerator Updater (required)] regsvr32 /s C:\WINDOWS\System32\KDP448e.dll
                          O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
                          O4 - HKLM\..\Run: [ShowShifter TVTV EPG Daemon] "C:\Program Files\Home Media Networks Limited\ShowShifter\TVTVD.exe"
                          O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
                          O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
                          O4 - HKLM\..\RunServices: [Services Logon] C:\Program Files\Common Files\services.exe
                          O4 - HKLM\..\RunServicesOnce: [Services Logon] C:\Program Files\Common Files\services.exe
                          O4 - HKCU\..\Run: [Services Logon] C:\Documents and Settings\Eigenaar\Sjablonen\services.exe
                          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                          O4 - HKCU\..\Run: [Tweak-XP Pro] "C:\Program Files\Tweak-XP Pro 3\autostart.exe"
                          O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
                          O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
                          O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
                          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
                          O4 - HKCU\..\Run: [CDFoon System-Tray] C:\cdfoon\cdftray.exe
                          O4 - HKCU\..\RunServices: [Services Logon] C:\Documents and Settings\Eigenaar\Sjablonen\services.exe
                          O4 - HKCU\..\RunServicesOnce: [Services Logon] C:\Documents and Settings\Eigenaar\Sjablonen\services.exe
                          O4 - Startup: services.exe
                          O4 - Global Startup: SeeStorm Messenger.lnk = C:\Program Files\SeeStorm\SSM\SSMtray.exe
                          O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
                          O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
                          O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
                          O8 - Extra context menu item: Backward Links - res://c:\program files\google\googletoolbar1.dll/cmbacklinks.html
                          O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
                          O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\googletoolbar1.dll/cmcache.html
                          O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
                          O8 - Extra context menu item: Similar Pages - res://c:\program files\google\googletoolbar1.dll/cmsimilar.html
                          O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
                          O8 - Extra context menu item: Use as &Display Picture - C:\Program Files\IEDP2\IEDP.htm
                          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
                          O9 - Extra button: Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta
                          O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.hta
                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
                          O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
                          O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npvmidi.dll
                          O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
                          O14 - IERESET.INF: START_PAGE_URL=http://www.etrade.nl
                          O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
                          O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=168d3f0c8f5ebbd0d83ee5445ae40e55469aa3fdaf24dd3540c41ee1ea302c2d59104a57d59aa8b aedc40580da1dd4eb01d54f:eeba47ee03d937f4aaa2edc6fc4885a4
                          O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
                          O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
                          O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
                          O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
                          O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab
                          O16 - DPF: {A676963B-6856-4F1D-8E16-AB393310B39B} (Download Control) - http://www.d9x.net/Redist/dnactivex.cab
                          O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
                          O16 - DPF: {F9DEAB0B-FF3E-4D99-8698-9B535D164256} (Vacpro.netherland_ver2_new) - http://www.7adpower.com/dialer/netherland_ver2_new.CAB
                          • Citaat

                          Comment

                          • #14
                            Ik heb alles gedaan wat je zei maar ik heb dit nog steeds behoorlijke lange rij.
                            • Citaat

                            Comment

                            • #15
                              En je About:Buster logje?
                              • Citaat

                              Comment

                              Vorige 1 2 template Volgende
                              Sorry, you are not authorized to view this page
                              Working...
                              X