anoniem Geplaatst: 27 januari 2004 Delen Geplaatst: 27 januari 2004 Ik heb het programma hijackthis al toegepast, misschien kan iemand mij helpen. Ik krijg die PORTAL er maar niet uit. Alvast bedankt. Logfile of HijackThis v1.97.7 Scan saved at 17:02:47, on 27-1-2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\ahead\InCD\InCD.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\ScanSoft\OmniPageSE\opware32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\iPod\bin\iPodManager.exe C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\WINDOWS\System32\hit.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Wacom\TabUserW.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\Tablet.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\osk.exe C:\WINDOWS\system32\MSSWCHX.EXE D:\Downloads\hijackthis\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.chello.nl/search/nl_iesearch.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nld.chello.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.chello.nl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.chello.nl/autoconfig/nlnl.ins R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/Startportal/Portal/portal.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [iPodManager] C:\Program Files\iPod\bin\iPodManager.exe O4 - HKLM\..\Run: [SheenCal 2] "C:\Program Files\SheenCal 2\SheenCal 2.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [Diskstart] C:\WINDOWS\System32\hit.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O4 - Global Startup: TabUserW.lnk = C:\Program Files\Wacom\TabUserW.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O14 - IERESET.INF: START_PAGE_URL=http://www.chello.nl/ O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} (IELoaderCtl Class) - http://install.global-netcom.de/ieloader.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030523/qtinstall.info.apple.com/drakken/nl/win/QuickTimeInstaller.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Quote Link naar reactie
anoniem Geplaatst: 27 januari 2004 Auteur Delen Geplaatst: 27 januari 2004 Laat HijackThis de volgende fixen: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/Startportal/Portal/portal.html O4 - HKLM\..\Run: [Diskstart] C:\WINDOWS\System32\hit.exe <dat is de schuldige> O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} (IELoaderCtl Class) - http://install.global-netcom.de/ieloader.cab Start opnieuw op. Vergewis je ervan dat: C:\WINDOWS\System32\hit.exe weg is. Quote Link naar reactie
anoniem Geplaatst: 28 januari 2004 Auteur Delen Geplaatst: 28 januari 2004 Bedankt voor je, alles werkt weer perfect. Thx Quote Link naar reactie
Aanbevolen berichten
Om een reactie te plaatsen, moet je eerst inloggen