Archief - De topics van lang geleden

help!continu foutmelding van trojan startpage!hoe verwijderen?!

06-03-2005, 11:58 door Anoniem, 7 reacties
Logfile of HijackThis v1.99.1
Scan saved at 11:51:38, on 6-3-2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32P2P NetworkingP2P Networking.exe
C:Program FilesJavajre1.5.0_01binjusched.exe
C:Program FilesCommon FilesCMEIICMESys.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesHotbarBin4.6.1.0WeatherOnTray.exe
C:Program FilesHotbarBin4.6.1.0HbOEAddOn.exe
C:Program FilesAdaptecEasy CD Creator 5DirectCDDirectCD.exe
C:WINDOWSSystem32rundll32.exe
C:PROGRA~1NORTON~1navapw32.exe
C:WINDOWSSystem32ctfmon.exe
C:Program FilesCommon FilesGMTGMT.exe
C:Program FilesNorton AntiVirusnavapsvc.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMSN AppsUpdater1.02.3000.1001nl-
bemsnappau.exe
C:Program FilesHotbarBin4.6.1.0HbSrv.exe
C:WINDOWSSystem32wuauclt.exe
C:Documents and SettingsegyptianladyLocal SettingsTemporary
Internet FilesContent.IE5K5I3OHINhijackthis[1].exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:DOCUME~1EGYPTI~1LOCALS~1Tempse.dll/sp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:DOCUME~1EGYPTI~1LOCALS~1Tempse.dll/sp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant
= about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP =
about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP =
about:blank
R0 - HKCUSoftwareMicrosoftInternet
ExplorerToolbar,LinksFolderName = Koppelingen
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} -
C:Program FilesShopperReportsBin1.0.4.0ShprRprt.dll
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} -
C:PROGRA~1INSTAF~1INSTAF~1.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} -
C:Program FilesMSN AppsST1.02.3000.1002en-xustmain.dll
O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} -
C:Program FilesHotbarBin4.6.1.0HbHostIE.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-
64B5B4FF55D0} - C:Program FilesMSN AppsMSN
Toolbar1.02.3000.1001nl-bemsntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:Program FilesNorton AntiVirusNavShExt.dll
O2 - BHO: (no name) - {DA32D8F5-F8F5-4FA3-8FE2-C4627FB7D624} -
C:WINDOWSSystem32jkhg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN Toolbar1.02.3000.1001nl-
bemsntb.dll
O3 - Toolbar: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} -
C:Program FilesHotbarBin4.6.1.0HbHostIE.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-
7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O4 - HKLM..Run: [P2P Networking] C:WINDOWSSystem32P2P
NetworkingP2P Networking.exe /AUTOSTART
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_01binjusched.exe
O4 - HKLM..Run: [CMESys] "C:Program FilesCommon
FilesCMEIICMESys.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon
FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [WeatherOnTray] C:Program FilesHotbarBin4.6.1.0
WeatherOnTray.exe
O4 - HKLM..Run: [Hotbar] C:Program FilesHotbarBin4.6.1.0
HbOEAddOn.exe
O4 - HKLM..Run: [aqbfchtu] C:WINDOWSSystem32ohkgrilv.exe
O4 - HKLM..Run: [AdaptecDirectCD] C:Program FilesAdaptecEasy CD
Creator 5DirectCDDirectCD.exe
O4 - HKLM..Run: [sp] rundll32 C:DOCUME~1EGYPTI~1LOCALS~1
Tempse.dll,DllInstall
O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~1navapw32.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN
Messengermsnmsgr.exe" /background
O4 - HKCU..Run: [Skype] "C:Program
FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - Global Startup: GStartup.lnk = C:Program FilesCommon
FilesGMTGMT.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:Program FilesJavajre1.5.0_01binnpjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-
11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_01
binnpjpi150_01.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-
E21A-49c8-9F63-900533FAFE14} - C:Program
FilesShopperReportsBin1.0.4.0ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-
11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra button: ShopperReports - Compare product prices -
{E77EDA01-3C56-4a96-8D08-02B42891C169} - C:Program
FilesShopperReportsBin1.0.4.0ShprRprt.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-
11d2-BB9E-00C04F795683} - C:Program
FilesMessengerMSMSGS.EXE
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P
Installer) -
O16 - DPF: {69FD62B1-0216-4C31-8D55-840ED86B7C8F} (HbInstObj) -
http://installs.hotbar.com/installs/hotbar/programs/hotbar.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl
Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.c
ab
O16 - DPF: {B467A3AF-E45B-4B1B-9983-C035D988FB0F}
(VacPro.belgio_ver10) - http://advnt01.com/dialer/belgio_ver10.CAB
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang
Class) - http://runonce.msn.com/setacceptlang.cab
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money
Ticker) - http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan
Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-
us/tools/mcfscan/2,0,0,4438/mcfscan.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762}
(SysWebTelecomInt Class) -
http://www.sponsoradulto.com/cab/14/en/SysWebTelecomInt.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat
Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Filter: text/html - {CDA6CB50-8614-48BA-AF5B-4ED73F8D7886} -
C:WINDOWSSystem32jkhg.dll
O18 - Filter: text/plain - {CDA6CB50-8614-48BA-AF5B-4ED73F8D7886} -
C:WINDOWSSystem32jkhg.dll
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -
Symantec Corporation - C:Program FilesNorton AntiVirusnavapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1
SBServ.exe
Reacties (7)
06-03-2005, 13:10 door Anoniem
kan iemand mij hiermee helpen??

ik krijg via norton continu deze foutmelding (trojan startpage) en kan ze
niet verwijderen

alvast bedankt!
xx
06-03-2005, 15:44 door Glenn _ Mulleners
Al eens proberen te verwijderen in veilige modus ?
07-03-2005, 09:12 door Zarco.nl
Probeer Hitman Pro eens zou ik zeggen
07-03-2005, 13:14 door Anoniem
www.lavasoft.com-->ad-ware
07-03-2005, 14:36 door Anoniem
www.lavasoft.nl-->ad-aware
07-03-2005, 14:41 door SirDice
D'r staat aardig wat rotzooi op die machine.
16-03-2005, 20:29 door Anoniem
Door SirDice
D'r staat aardig wat rotzooi op die machine.

En nog geen klein beetje.. :-)
Reageren

Deze posting is gelocked. Reageren is niet meer mogelijk.