Mededeling

Collapse
No announcement yet.

Nazicht HijackThis op Spyware

Collapse
X
Collapse
  •  
  • Page of 2
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige 1 2 template Volgende
  • #1

    Nazicht HijackThis op Spyware

    Logfile of HijackThis v1.98.2
    Scan saved at 14:48:05, on 10/12/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
    C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\NCLAUNCH.EXe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\RFA\rfagent.exe
    C:\Program Files\Telenet EasyCare\bin\mpbtn.exe
    C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\WINDOWS\msagent\AgentSvr.exe
    C:\Documents and Settings\Administrator\Mijn documenten\Programma's Software PC\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll
    O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
    O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
    O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
    O4 - HKCU\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
    O4 - Startup: iMesh.lnk = C:\Program Files\iMesh\Client\iMeshClient.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Figuur openen in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1043\phdintl.dll/phdContext.htm
    O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.01.0004/OCI/setup.exe
    O16 - DPF: {5D7334F5-CF58-4F22-8502-6CC0ACB2FEFF} - http://www.dialer-shop.com/protected/code/axrbpt.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100459582294
    O16 - DPF: {6814A9EF-FBF1-46B2-A46E-56B401079C26} - http://www.dialer-shop.com/cexe/b200999.exe
    Labels: Geen
    • Citaat
  • #2
    Hoi Weyn Frank,

    1. Ga naar Start - Configuratiescherm - Software, en de-installeer:
    - New.Net / NewDotNet

    2. Start opnieuw op, maak een nieuw logje aan, en post dat hier
    • Citaat

    Comment

    • #3
      T.A.V. Hans
      Via start > configuratiescherm > software kan ik map New.Net/NewDotNet niet vinden.In map programme files via mijn computer staat de map wel,maar kan deze niet verwijderen > geeft fout aan "geweigerd kijk of schijf vol of tegen schrijven is beveiligd of in gebruik is".Hoe moet het nu verder

      Groetjes Frank
      • Citaat

      Comment

      • #4
        Kun je even een nieuw logje plaatsen?
        • Citaat

        Comment

        • #5
          log 13-12-04

          Logfile of HijackThis v1.98.2
          Scan saved at 23:03:28, on 13/12/2004
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\system32\RunDll32.exe
          C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
          C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
          C:\WINDOWS\system32\rundll32.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\MSN Messenger\MsnMsgr.Exe
          C:\WINDOWS\NCLAUNCH.EXe
          C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
          C:\Program Files\RFA\rfagent.exe
          C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
          C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
          C:\Program Files\Telenet EasyCare\bin\mpbtn.exe
          C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
          C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
          C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
          C:\WINDOWS\msagent\AgentSvr.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\Mozilla Firefox\firefox.exe
          C:\Documents and Settings\Administrator\Mijn documenten\Programma's Software PC\hijackthis 2.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
          R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll
          O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - (no file)
          O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
          O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
          O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
          O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
          O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
          O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
          O4 - HKCU\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
          O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
          O8 - Extra context menu item: Figuur openen in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1043\phdintl.dll/phdContext.htm
          O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O10 - Hijacked Internet access by New.Net
          O10 - Hijacked Internet access by New.Net
          O10 - Hijacked Internet access by New.Net
          O10 - Hijacked Internet access by New.Net
          O10 - Hijacked Internet access by New.Net
          • Citaat

          Comment

          • #6
            Hoi Frank,

            Kun je even updaten naar HijackThis 1.99.0:

            radiosplace
            http://radiosplace.com


            Maak hiermee een nieuw logje aan, en post dat hier.
            • Citaat

            Comment

            • #7
              Nieuwe log met 1.99.0

              Logfile of HijackThis v1.99.0
              Scan saved at 16:01:49, on 17/12/2004
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\WINDOWS\Explorer.EXE
              C:\WINDOWS\system32\RunDll32.exe
              C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
              C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
              C:\WINDOWS\system32\rundll32.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\MSN Messenger\MsnMsgr.Exe
              C:\WINDOWS\NCLAUNCH.EXe
              C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
              C:\Program Files\RFA\rfagent.exe
              C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
              C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
              C:\Program Files\Telenet EasyCare\bin\mpbtn.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
              C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
              C:\WINDOWS\msagent\AgentSvr.exe
              C:\WINDOWS\System32\svchost.exe
              C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
              C:\Program Files\Mozilla Firefox\firefox.exe
              C:\Documents and Settings\Administrator\Mijn documenten\Programma's Software PC\Hijackthis\HijackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
              R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll
              O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - (no file)
              O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
              O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
              O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
              O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
              O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
              O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
              O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
              O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
              O4 - HKCU\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
              O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
              O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
              O8 - Extra context menu item: Figuur openen in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1043\phdintl.dll/phdContext.htm
              O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O23 - Service: AVP Control Centre Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
              O23 - Service: KAV Monitor Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exeLogfile of HijackThis v1.99.0
              Scan saved at 22:49:10, on 17/12/2004
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\WINDOWS\Explorer.EXE
              C:\WINDOWS\system32\RunDll32.exe
              C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
              C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
              C:\WINDOWS\system32\rundll32.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\MSN Messenger\MsnMsgr.Exe
              C:\WINDOWS\NCLAUNCH.EXe
              C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
              C:\Program Files\RFA\rfagent.exe
              C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
              C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
              C:\Program Files\Telenet EasyCare\bin\mpbtn.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
              C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
              C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
              C:\WINDOWS\msagent\AgentSvr.exe
              C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
              C:\Documents and Settings\Administrator\Mijn documenten\Programma's Software PC\Hijackthis\HijackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
              R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - (no file)
              O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
              O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
              O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
              O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
              O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
              O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
              O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
              O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
              O4 - HKCU\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
              O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
              O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
              O8 - Extra context menu item: Figuur openen in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1043\phdintl.dll/phdContext.htm
              O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O10 - Hijacked Internet access by New.Net
              O23 - Service: AVP Control Centre Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
              O23 - Service: KAV Monitor Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
              Last edited by Weyn Frank; 17-12-04, 22:06. Reden: Nieuw logje van 23:02
              • Citaat

              Comment

              • #8
                Hoi Frank,

                Ik moet even bekijken hoe we die O10-regels gaan wegkrijgen. Belangrijk: Ga ze niet zelf proberen te fixen met hijackThis! Dit kan internet problemen veroorzaken!

                De-installeer iMesh, het is een verkeerd programma:
                http://www.spywareinfo.com/articles/p2p/


                Start opnieuw op, maak een nieuw logje aan, en post dat hier
                • Citaat

                Comment

                • #9
                  nieuwe log 18-12-2004

                  Logfile of HijackThis v1.99.0
                  Scan saved at 10:34:35, on 18/12/2004
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\WINDOWS\system32\RunDll32.exe
                  C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
                  C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
                  C:\WINDOWS\system32\rundll32.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Program Files\MSN Messenger\MsnMsgr.Exe
                  C:\WINDOWS\NCLAUNCH.EXe
                  C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
                  C:\Program Files\RFA\rfagent.exe
                  C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
                  C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
                  C:\Program Files\Telenet EasyCare\bin\mpbtn.exe
                  C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
                  C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
                  C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
                  C:\WINDOWS\msagent\AgentSvr.exe
                  C:\Program Files\Mozilla Firefox\firefox.exe
                  C:\Documents and Settings\Administrator\Mijn documenten\Programma's Software PC\Hijackthis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
                  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - (no file)
                  O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
                  O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
                  O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
                  O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
                  O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
                  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
                  O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
                  O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
                  O4 - HKCU\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
                  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
                  O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
                  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                  O8 - Extra context menu item: Figuur openen in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1043\phdintl.dll/phdContext.htm
                  O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O10 - Hijacked Internet access by New.Net
                  O10 - Hijacked Internet access by New.Net
                  O10 - Hijacked Internet access by New.Net
                  O10 - Hijacked Internet access by New.Net
                  O10 - Hijacked Internet access by New.Net
                  O23 - Service: AVP Control Centre Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
                  O23 - Service: KAV Monitor Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
                  • Citaat

                  Comment

                  • #10
                    Hoi Frank,

                    1. Dubbelklik op Deze Computer
                    2. Dubbelklik op C:/
                    3. Dubbelklik op de Program Files map
                    4. Zoek de NewDotNet map op en dubbelklik erop.
                    5. Zoek naar het bestand "uninstallX_XX.exe ("X" houdt de versie van de uninstaller in). Dubbelklik hierop.
                    6. Start opnieuw op wanneer dit gevraagd wordt.

                    Laat me weten of New.Net hiermee verdwenen is
                    • Citaat

                    Comment

                    • #11
                      kan map Newdotnet niet verwijderen 20-12-2004

                      T.A.V.Hans
                      onder progr.files staat maar 1 map" newdotnet6_38.dll 6.0.0.38 New.net.Domains" > kan deze niet verwijderen > heb verborgen mappen weergegeven en staat geen verborgen map in prog.files
                      Vorige keer hebt u het zelfde aangeraden > zonder resultaat
                      moet ik eerst dit niet proberen te verwijderen ??
                      O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
                      • Citaat

                      Comment

                      • #12
                        Probeer dat maar, start opnieuw op, en kijk of je de map dan wel kan verwijderen
                        • Citaat

                        Comment

                        • #13
                          Log:22-12-04

                          Dag Mr Hans,Alles geprobeerd om deze map eruit te halen en niks lukt er.Wat nu?
                          Logfile of HijackThis v1.99.0
                          Scan saved at 11:46:55, on 22/12/2004
                          Platform: Windows XP SP2 (WinNT 5.01.2600)
                          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                          Running processes:
                          C:\WINDOWS\System32\smss.exe
                          C:\WINDOWS\system32\winlogon.exe
                          C:\WINDOWS\system32\services.exe
                          C:\WINDOWS\system32\lsass.exe
                          C:\WINDOWS\system32\svchost.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\WINDOWS\system32\spoolsv.exe
                          C:\WINDOWS\Explorer.EXE
                          C:\WINDOWS\system32\RunDll32.exe
                          C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
                          C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
                          C:\Program Files\Telemeter 3.0\telemeter3.exe
                          C:\WINDOWS\system32\rundll32.exe
                          C:\WINDOWS\system32\ctfmon.exe
                          C:\Program Files\MSN Messenger\MsnMsgr.Exe
                          C:\WINDOWS\NCLAUNCH.EXe
                          C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
                          C:\Program Files\RFA\rfagent.exe
                          C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
                          C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
                          C:\Program Files\Telenet EasyCare\bin\mpbtn.exe
                          C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
                          C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
                          C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
                          C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
                          C:\WINDOWS\msagent\AgentSvr.exe
                          C:\Documents and Settings\Administrator\Mijn documenten\Programma's Software PC\Hijackthis\HijackThis.exe

                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
                          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be
                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
                          R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
                          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                          O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - (no file)
                          O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
                          O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
                          O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
                          O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe
                          O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
                          O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
                          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
                          O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
                          O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
                          O4 - HKCU\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
                          O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
                          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                          O8 - Extra context menu item: Figuur openen in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1043\phdintl.dll/phdContext.htm
                          O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
                          O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O10 - Hijacked Internet access by New.Net
                          O10 - Hijacked Internet access by New.Net
                          O10 - Hijacked Internet access by New.Net
                          O10 - Hijacked Internet access by New.Net
                          O10 - Hijacked Internet access by New.Net
                          O23 - Service: AVP Control Centre Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
                          O23 - Service: KAV Monitor Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
                          • Citaat

                          Comment

                          • #14
                            Aan Mr Hans.

                            Ik heb al een prive berichtje gestuurd,maar voor alle zekerheid zet ik hier ook hetzelfde. Aan heel het ASO-team de beste wensen voor het nieuwe jaar gewenst. Mr Hans,in mijn laatste logje heb ik u uitgelecht dat ik die beruchte map er niet uit krijg.Ondanks alles wat U vetelde en wat ik tot hier toe geprobeerd heb.Op mijn laatste logje 22/12/04 heb ik geen reactie meer gekregen.Ik hoop op uw bekwaamheid nog eens beroep te kunnen doen.De groeten Frank.
                            • Citaat

                            Comment

                            • #15
                              Kun je even een vers logje plaatsen? Aangezien je laatste logje al aardig oud is en er dingen veranderd kunnen zijn
                              • Citaat

                              Comment

                              Vorige 1 2 template Volgende
                              Sorry, you are not authorized to view this page
                              Working...
                              X