Annoying icons: casino/travel etc.

This topic is closed.
  • Annoying icons: casino/travel etc.

    I hope this is sufficient.

    Logfile of HijackThis v1.99.0
    Scan saved at 13:45:07, on 31-12-2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\devldr32.exe
    E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    E:\WINDOWS\Explorer.EXE
    E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    D:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
    E:\WINDOWS\System32\cisvc.exe
    E:\WINDOWS\System32\CTsvcCDA.EXE
    E:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    E:\Program Files\Norton AntiVirus\navapsvc.exe
    E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    E:\WINDOWS\System32\nvsvc32.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    E:\WINDOWS\System32\MsPMSPSv.exe
    E:\Program Files\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe
    E:\WINDOWS\System32\ezSP_Px.exe
    D:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    E:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    D:\Program Files\Messenger Plus! 3\MsgPlus.exe
    E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    E:\Program Files\Common Files\Symantec Shared\ccApp.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    E:\WINDOWS\System32\svchost.exe
    D:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
    e:\progra~1\intern~1\iexplore.exe
    D:\Program Files\Skype\Phone\Skype.exe
    D:\PROGRA~2\Sitecom\BLUETO~1\BTSTAC~1.EXE
    E:\Program Files\Outlook Express\msimn.exe
    E:\Program Files\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\PostalInspectorOE.exe
    E:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    E:\WINDOWS\system32\cidaemon.exe
    E:\Program Files\Messenger\msmsgs.exe
    D:\Lunatic\hijackthis-1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ozkwkvaxkjzhi.net/K4L7WQoO2/AqaoLGOtQuL3_Trp30bAmmnWWiXMCmnxbDlj_ysqdEum8RApLsUGs1.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.telegraaf.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {38C085F5-0F94-4C46-4239-624550253FF8} - E:\DOCUME~1\familie\APPLIC~1\CAMPLO~1\bait noun.exe
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {625C25E3-246D-0273-EAFC-4410DAF12ACB} - E:\PROGRA~1\CAMPLO~1\bait noun.exe (file missing)
    O2 - BHO: Var2Helper Class - {7412C042-43B8-4F63-AEF3-E786DFAD1484} - E:\WINDOWS\system32\imwire29.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
    O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - E:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [piiserviceOE] "E:\Program Files\Spam Inspector Outlook Express\Spam Inspector Outlook Express Edition\piiserviceOE.exe"
    O4 - HKLM\..\Run: [ezShieldProtector for Px] E:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [AnyDVD] D:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "d:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [4 kind wait extra] E:\Documents and Settings\All Users\Application Data\BOOKFUNK4KIND\Meta Comp.exe
    O4 - HKLM\..\Run: [Windows ControlAd] E:\Program Files\Windows ControlAd\WinCtlAd.exe
    O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Grey media] E:\DOCUME~1\familie\APPLIC~1\SETUPO~1\BatTool.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~2\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~2\DAP\dapextie2.htm
    O8 - Extra context menu item: Download &Flash Movies - E:\Program Files\Flash2X\Flash Hunter\save.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Ontvang alles met FlashGet - D:\PROGRA~2\FLASHGET\jc_all.htm
    O8 - Extra context menu item: Ontvang met FlashGet - D:\PROGRA~2\FLASHGET\jc_link.htm
    O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
    O8 - Extra context menu item: Similar Pages - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://e:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O8 - Extra context menu item: Verzenden naar &Bluetooth - D:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Messenger - {-FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {-FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - E:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - E:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - E:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {175D860B-BC50-4CFA-9D50-68FFC4FDF9FB} - http://www.myfreecursors.com/cursors/goldfish.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.01.0004/OCI/setup.exe
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} -
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://www.p3.postbank.nl/GTO/PBGNX.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
    O23 - Service: Adobe LM Service - Unknown - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: pcAnywhere-hostservice - Symantec Corporation - D:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: Bluetooth Service - WIDCOMM, Inc. - D:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - E:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: iPod Service - Apple Computer, Inc. - E:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - E:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec Corporation - E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - E:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service - Symantec Corporation - E:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper - Ulead Systems, Inc. - E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

  • #2
    Hi buijt,

    1. Check the following lines in HijackThis:

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ozkwkvaxkjzhi.net/K4L7WQo...8RApLsUGs1.htm

    R3 - Default URLSearchHook is missing

    O2 - BHO: (no name) - {38C085F5-0F94-4C46-4239-624550253FF8} - E:\DOCUME~1\familie\APPLIC~1\CAMPLO~1\bait noun.exe
    O2 - BHO: (no name) - {625C25E3-246D-0273-EAFC-4410DAF12ACB} - E:\PROGRA~1\CAMPLO~1\bait noun.exe (file missing)
    O2 - BHO: Var2Helper Class - {7412C042-43B8-4F63-AEF3-E786DFAD1484} - E:\WINDOWS\system32\imwire29.dll

    O4 - HKLM\..\Run: [4 kind wait extra] E:\Documents and Settings\All Users\Application Data\BOOKFUNK4KIND\Meta Comp.exe
    O4 - HKLM\..\Run: [Windows ControlAd] E:\Program Files\Windows ControlAd\WinCtlAd.exe
    O4 - HKCU\..\Run: [Grey media] E:\DOCUME~1\familie\APPLIC~1\SETUPO~1\BatTool.exe

    2. Close all other windows and browsers, and click the "Fix Checked" button.

    3. Restart in safe mode.
    Make sure hidden files and folders are visible: Explorer > Tools > Folder Options > View tab > scroll down and select the option "Show hidden files and folders".

    4. Open Windows Explorer (right-click Start - Explore). Find and delete the following:
    Folders:
    E:\Documents and Settings\familie\Application Data\CAMPLO...
    E:\Documents and Settings\familie\Application Data\SETUPO...
    E:\Documents and Settings\All Users\Application Data\BOOKFUNK4KIND
    E:\Program Files\CAMPLO...
    E:\Program Files\Windows ControlAd

    5. Restart in normal mode, create a new log with HijackThis, and post it here.

    • #3
      Since there has been no reply, I assume the problem has been solved and I am closing this thread.
