lop.com

Status
Niet open voor verdere reacties.
W

wullybully

Gebruiker
Lid geworden
3 sep 2001
Berichten
199
hallo allemaal.. ik heb nu ook zo een rare xtra werkbalk in mij internet explorer!

na ff snuffelen op het forum heb ik Hijackthis gedraaid, en dit is het logbestand:

Logfile of HijackThis v1.94.0
Scan saved at 21:13:29, on 22-6-2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://V31510.find-quick.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://V31510.find-quick.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://V31510.find-quick.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://V31510.find-quick.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://V31510.find-quick.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O2 - BHO: (no name) - {a9e8eaf9-7063-47b5-b9b4-aea1c61b8232} - C:\DOCUME~1\DaViRuS\APPLIC~1\oolltgdnl.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: ssprpgmicrg - {b7c3b446-436c-4584-9bec-7ed3b48b5a7c} - C:\DOCUME~1\DaViRuS\APPLIC~1\oolltgdnl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\PopUpKiller.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: NeoTrace It! (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\Software\..\Telephony: DomainName = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D34C46A-C6BB-4EAF-B5DC-45CE33CD14BA}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EA39DFC-BBA3-4B61-B41F-0F869A3D1F6D}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4F8160D-B709-42B1-B80E-617302D06FA5}: Domain = P15776.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com

weet er iemand welke files ik moet deleten?
alvast bedankt!
 
De volgende kunnen weg

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://V31510.find-quick.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://V31510.find-quick.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://V31510.find-quick.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://V31510.find-quick.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://V31510.find-quick.com/searchbar.html

O2 - BHO: (no name) - {a9e8eaf9-7063-47b5-b9b4-aea1c61b8232} - C:\DOCUME~1\DaViRuS\APPLIC~1\oolltgdnl.dll

O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: ssprpgmicrg - {b7c3b446-436c-4584-9bec-7ed3b48b5a7c} - C:\DOCUME~1\DaViRuS\APPLIC~1\oolltgdnl.dll

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\Software\..\Telephony: DomainName = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D34C46A-C6BB-4EAF-B5DC-45CE33CD14BA}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EA39DFC-BBA3-4B61-B41F-0F869A3D1F6D}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4F8160D-B709-42B1-B80E-617302D06FA5}: Domain = P15776.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
 
Laat Hijackthis de volgende items fixen. Sluit eerst je browser.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://V31510.find-quick.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://V31510.find-quick.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://V31510.find-quick.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://V31510.find-quick.com/searchbar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://V31510.find-quick.com/searchbar.html
O2 - BHO: (no name) - {a9e8eaf9-7063-47b5-b9b4-aea1c61b8232} - C:\DOCUME~1\DaViRuS\APPLIC~1\oolltgdnl.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: ssprpgmicrg - {b7c3b446-436c-4584-9bec-7ed3b48b5a7c} - C:\DOCUME~1\DaViRuS\APPLIC~1\oolltgdnl.dll
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\Software\..\Telephony: DomainName = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D34C46A-C6BB-4EAF-B5DC-45CE33CD14BA}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EA39DFC-BBA3-4B61-B41F-0F869A3D1F6D}: Domain = P15776.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4F8160D-B709-42B1-B80E-617302D06FA5}: Domain = P15776.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = P15776.find-quick.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{0013D347-C110-4DD2-9523-67335705F528}: Domain = P15776.find-quick.com

Start PC daarna opnieuw op.

Groetjes,
Bennie
 
Bennie, heb jij info over die MMtray.exe?

Het enige wat ik erover vindt:
System Tray icon which enables you to call up the configuration utility for the Morgan Multimedia MJPEG Codec.

Recommendation :
Unless you work a lot with MJPEG AVIs and need to change the Codec’s configuration often, we recommend disabling this with Startup Manager (to reduce System Tray clutter) and accessing the configuration screen via the "Control Panel \ Multimedia" icon.

Dus niet echt spyware mijns inziens
 
Nee, dat klopt, dat is geen Spyware, maar om een Codec op te starten. Je kan 'em handmatig opstarten. Hij mag ook blijven staan:)

Groetjes,
Bennie
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan Onderaan