Beste mensen,
Ik heb gescant met Ad-aware, spybot enzo, maar ik krijg de balkjes maar niet weg. My web search ofzoiets en een blauwe search balk bovenaan en nog een brede onderaan verschijnen steeds als ik internet explorer open. Kunnen jullie me helpen? Hieronder vinden jullie mijn hijack log.
Dank u
Logfile of HijackThis v1.98.2
Scan saved at 13:19:41, on 24/10/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Winamp\winampa.exe
D:\Documents and Settings\Van Hees\Mijn documenten\Mijn ontvangen bestanden\MsgPlus.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\PROGRA~1\AQUATICA\AQ3HEL~1.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\GMT\GMT.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Suzy Van Hees\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dvjpvbajrcyrcioztwgzvris...Tp7MNJ2YN6zLfXQFcfF0ItrwzGh_/kLYhjbI8uflY.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be/Default.asp?Ath=f
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0FDD7A16-3678-D4B8-D7A1-2F9998801DC8} - C:\PROGRA~1\SURFCR~1\Wipe two.exe (file missing)
O2 - BHO: (no name) - {541E8FB0-ABA6-D0E0-8198-347F5C558504} - C:\DOCUME~1\VANHEE~1\APPLIC~1\SURFCR~1\Wipe two.exe
O3 - Toolbar: DashBar Toolbar - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - C:\Program Files\DashBar\DashBar17.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Documents and Settings\Van Hees\Mijn documenten\Mijn ontvangen bestanden\MsgPlus.exe"
O4 - HKLM\..\Run: [Grim Mode Ping Link] C:\Documents and Settings\All Users\Application Data\PART LONG GRIM MODE\Deafmags.exe
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\AQUATICA\AQ3HEL~1.EXE /partner AQ3
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Cdrom Else Deaf Nurb] C:\Documents and Settings\All Users\Application Data\download option cdrom else\Soft Software.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Documents and Settings\Van Hees\Mijn documenten\Mijn ontvangen bestanden\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [locks help] C:\DOCUME~1\VANHEE~1\APPLIC~1\FILMST~1\dvd meet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095176206067
Ik heb gescant met Ad-aware, spybot enzo, maar ik krijg de balkjes maar niet weg. My web search ofzoiets en een blauwe search balk bovenaan en nog een brede onderaan verschijnen steeds als ik internet explorer open. Kunnen jullie me helpen? Hieronder vinden jullie mijn hijack log.
Dank u
Logfile of HijackThis v1.98.2
Scan saved at 13:19:41, on 24/10/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Winamp\winampa.exe
D:\Documents and Settings\Van Hees\Mijn documenten\Mijn ontvangen bestanden\MsgPlus.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\PROGRA~1\AQUATICA\AQ3HEL~1.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\GMT\GMT.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Suzy Van Hees\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dvjpvbajrcyrcioztwgzvris...Tp7MNJ2YN6zLfXQFcfF0ItrwzGh_/kLYhjbI8uflY.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be/Default.asp?Ath=f
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0FDD7A16-3678-D4B8-D7A1-2F9998801DC8} - C:\PROGRA~1\SURFCR~1\Wipe two.exe (file missing)
O2 - BHO: (no name) - {541E8FB0-ABA6-D0E0-8198-347F5C558504} - C:\DOCUME~1\VANHEE~1\APPLIC~1\SURFCR~1\Wipe two.exe
O3 - Toolbar: DashBar Toolbar - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - C:\Program Files\DashBar\DashBar17.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Documents and Settings\Van Hees\Mijn documenten\Mijn ontvangen bestanden\MsgPlus.exe"
O4 - HKLM\..\Run: [Grim Mode Ping Link] C:\Documents and Settings\All Users\Application Data\PART LONG GRIM MODE\Deafmags.exe
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\AQUATICA\AQ3HEL~1.EXE /partner AQ3
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Cdrom Else Deaf Nurb] C:\Documents and Settings\All Users\Application Data\download option cdrom else\Soft Software.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Documents and Settings\Van Hees\Mijn documenten\Mijn ontvangen bestanden\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [locks help] C:\DOCUME~1\VANHEE~1\APPLIC~1\FILMST~1\dvd meet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095176206067
