Hallo,
Ik heb een Enter one probleem. spybot en ad aware gedraaid maar dat hielp niet. Dus hieronder maar even een HJT log.
Gr Erik
Logfile of HijackThis v1.99.0
Scan saved at 10:12:09, on 30-12-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\poweroff.exe
C:\PROGRA~1\AGROVI~1\Ibms\CMVTaak.exe
C:\WINDOWS\System32\ntcpl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rabotwin\RaboComm\RaboSessionMon.exe
C:\Program Files\802.11 Wireless LAN\802.11b Wireless USB Adapter HW.00 V1.20\Wireless Configuration Utility HW.00.exe
C:\Program Files\Agrovision\Ibms\Ibms.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mts de Boer-Boverhof\Bureaublad\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/EnterOne/Portal/portal.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/EnterOne/Portal/portal.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.worldonline.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Agrovision taakplanner] C:\PROGRA~1\AGROVI~1\Ibms\CMVTaak.exe
O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Rabo Session Monitor.lnk = C:\Program Files\Rabotwin\RaboComm\RaboSessionMon.exe
O4 - Global Startup: Wireless Configuration Utility HW.00.lnk = ?
O8 - Extra context menu item: &Frame in een nieuw venster openen - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Inzoomen - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: &Lijst met koppelingen - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Markeren - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: Lij&st met afbeeldingen - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Uit&zoomen - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: Zoeken op het &web - C:\WINDOWS\WEB\selsearch.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://edunet.vhall.nl/qp2.cab
O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} (MSN Chat Control 4.1) - http://fdl.msn.com/public/chat/msnchat41.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093985641252
O16 - DPF: {7147947B-5D1D-11D1-AF68-0000929101FF} (GifViewerX Control) - http://www.chatbox.com/chatbox/java/GifViewerX.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {D67280B0-CDE3-4AF1-A3E4-053862CFF113} (Opgave Gewaspercelen 2004 Produktie) - https://www.gewaspercelen.nl/interkom/app/InterkomClientProd.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
O19 - User stylesheet: (file missing)
O23 - Service: Poweroff - Jorgen Bosman - C:\WINDOWS\System32\poweroff.exe
Ik heb een Enter one probleem. spybot en ad aware gedraaid maar dat hielp niet. Dus hieronder maar even een HJT log.
Gr Erik
Logfile of HijackThis v1.99.0
Scan saved at 10:12:09, on 30-12-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\poweroff.exe
C:\PROGRA~1\AGROVI~1\Ibms\CMVTaak.exe
C:\WINDOWS\System32\ntcpl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rabotwin\RaboComm\RaboSessionMon.exe
C:\Program Files\802.11 Wireless LAN\802.11b Wireless USB Adapter HW.00 V1.20\Wireless Configuration Utility HW.00.exe
C:\Program Files\Agrovision\Ibms\Ibms.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mts de Boer-Boverhof\Bureaublad\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/EnterOne/Portal/portal.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/EnterOne/Portal/portal.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.worldonline.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Agrovision taakplanner] C:\PROGRA~1\AGROVI~1\Ibms\CMVTaak.exe
O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Rabo Session Monitor.lnk = C:\Program Files\Rabotwin\RaboComm\RaboSessionMon.exe
O4 - Global Startup: Wireless Configuration Utility HW.00.lnk = ?
O8 - Extra context menu item: &Frame in een nieuw venster openen - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Inzoomen - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: &Lijst met koppelingen - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Markeren - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: Lij&st met afbeeldingen - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Uit&zoomen - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: Zoeken op het &web - C:\WINDOWS\WEB\selsearch.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://edunet.vhall.nl/qp2.cab
O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} (MSN Chat Control 4.1) - http://fdl.msn.com/public/chat/msnchat41.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093985641252
O16 - DPF: {7147947B-5D1D-11D1-AF68-0000929101FF} (GifViewerX Control) - http://www.chatbox.com/chatbox/java/GifViewerX.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {D67280B0-CDE3-4AF1-A3E4-053862CFF113} (Opgave Gewaspercelen 2004 Produktie) - https://www.gewaspercelen.nl/interkom/app/InterkomClientProd.cab
O16 - DPF: {FE8287E9-5F43-11D3-ABCA-00105A5C1F46} (HouseCall Control) - http://www.housecall.nl/housecall/xscan4.cab
O19 - User stylesheet: (file missing)
O23 - Service: Poweroff - Jorgen Bosman - C:\WINDOWS\System32\poweroff.exe
Comment