Mededeling

Collapse
No announcement yet.

[ie7] Blijft haken!

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • [ie7] Blijft haken!

    Hoi,

    Als ik IE opstart en ik wil aar een website gaan blijgt ie doodleuk stilstaan. Hij bevriest als t ware.. Ik gebruik IE7.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:44:57, on 16-5-2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Windows\PixArt\Pac207\Monitor.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\explorer.exe
    C:\Users\Yoran\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 85.17.169.12 www.digibattles.net
    O1 - Hosts: 91.196.168.113 www.iwsclan.com
    O1 - Hosts: 208.113.147.216 a-lost-angel.mkwiakaku.net
    O1 - Hosts: 83.125.39.180 www.alternate.nl
    O1 - Hosts: 80.190.48.119 amazing-news.se
    O1 - Hosts: 66.29.36.89 anonymizer.nntime.com
    O1 - Hosts: 208.75.184.16 www.bebo.com
    O1 - Hosts: 62.240.68.100 www.cadred.org
    O1 - Hosts: 69.16.209.82 www.game-monitor.com
    O1 - Hosts: 65.254.55.36 www.fpsbanana.com
    O1 - Hosts: 38.114.169.64 www.mobiles24.com
    O1 - Hosts: 216.239.113.186 www.gamefaqs.com
    O1 - Hosts: 212.79.247.24 www.helpmij.nl
    O1 - Hosts: 67.15.216.132 www.funnyjunk.com
    O1 - Hosts: 209.17.74.13 i27.tinypic.com
    O1 - Hosts: 78.46.51.77 infprod.germangaming.eu
    O1 - Hosts: 91.196.168.113 www.iwsclan.com
    O1 - Hosts: 213.160.215.4 lesrooster.rocfriesepoort.nl
    O1 - Hosts: 195.8.208.72 www.noordnlcracked.nl
    O1 - Hosts: 87.238.162.34 www2.istudio.be
    O1 - Hosts: 217.114.110.226 partyflock.nl
    O1 - Hosts: 62.75.221.236 www.emutalk.net
    O1 - Hosts: 85.92.138.114 www.sitedeals.nl
    O1 - Hosts: 81.169.145.83 www.spyderweb.nl
    O1 - Hosts: 91.189.124.21 www.style-productions.net
    O1 - Hosts: 82.103.129.229 www.thc-torrents.org
    O1 - Hosts: 209.17.68.33 tinypic.com
    O1 - Hosts: 194.204.43.132 uplaymedia.net
    O1 - Hosts: 81.23.247.230 www.dumpert.nl
    O1 - Hosts: 81.23.247.230 www.dumpert.nl
    O1 - Hosts: 87.106.210.231 www.private-servers.info
    O1 - Hosts: 85.17.175.233 yoran058.hyves.nl
    O1 - Hosts: 213.193.223.117 www.zeldanederland.nl
    O1 - Hosts: 195.242.98.75 www.appelkiwi.nl
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {FBD7BA4E-EA4D-4442-97B0-61DEF9521409} - C:\Windows\system32\sSMfedca.dll
    O4 - HKLM\..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\khfFWpOg.dll,#1
    O4 - HKLM\..\Run: [d09031b6] rundll32.exe "C:\Windows\system32\hnbsuiwn.dll",b
    O4 - HKLM\..\Run: [BMd3a3022a] Rundll32.exe "C:\Windows\system32\qjxglwyl.dll",s
    O4 - HKCU\..\Run: [VentriloMIX] C:\Program Files\VentriloMIX\VentriloMIX.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
    O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
    O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://asia.msi.com.tw
    O15 - Trusted Zone: http://global.msi.com.tw
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://partyflock.nl/components/ImageUploader4.cab
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 10051 bytes
    Heil Nucia

  • #2
    Hallo,

    Sla deze instructies op in kladblokbestand of een word document, en plaats dit op je bureablad.

    Download ATF cleaner (gemaakt door Atribune) en plaats het op je bureablad.

    Start de computer op in veilige modus zonder netwerkondersteuning. Hoe je dit doet kan je hier lezen.


    Dubbelklik op ATF cleaner om het programma te starten.
    In het venster "Main", plaats je een vinkje bij Select All.
    Klik op de knop Empty Selected.

    Gebruik je ook Firefox als browser:
    Klik op het tabblad "Firefox" en plaats een vinkje bij Select All.
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit haalt het vinkje weer weg bij "Firefox saved passwords")
    Klik op de knop Empty Selected.

    Gebruik je ook Opera als browser:
    Klik op het tabblad "Opera" en plaats een vinkje bij Select All.
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop Empty Selected.

    Ga naar het menu "Main" en klik op de knop Exit om het programma af te sluiten.


    Rechtsklik op C:\Users\Yoran\Desktop\HiJackThis.exe en kies voor "Als Administrator uitvoeren".
    Bevestig de melding die je krijgt van Gebruikersaccountbeheer, door op "Toestaan" te klikken.
    Klik daarna op knop "Scan".
    Plaats een vinkje bij de volgende items:

    O1 - Hosts: 85.17.169.12 www.digibattles.net
    O1 - Hosts: 91.196.168.113 www.iwsclan.com
    O2 - BHO: (no name) - {FBD7BA4E-EA4D-4442-97B0-61DEF9521409} - C:\Windows\system32\sSMfedca.dll
    O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\khfFWpOg.dll,#1
    O4 - HKLM\..\Run: [d09031b6] rundll32.exe "C:\Windows\system32\hnbsuiwn.dll",b
    O4 - HKLM\..\Run: [BMd3a3022a] Rundll32.exe "C:\Windows\system32\qjxglwyl.dll",s
    O15 - Trusted Zone: http://asia.msi.com.tw
    O15 - Trusted Zone: http://global.msi.com.tw
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab


    Klik daarna op "Fix checked" en sluit HijackThis af.

    Herstart de computer in normale windows modus.

    Start HijackThis opnieuw, maak een nieuwe log en post deze.

    Comment

    Sorry, you are not authorized to view this page
    Working...
    X