teveel search balkenellende

Status
Niet open voor verdere reacties.
A

angelmiro

Gebruiker
Lid geworden
29 sep 2004
Berichten
5
hallo kan iemand dit log eens controlleren, mijn pc is vrij traag en ik heb teveel searchbalken op internet.
Ik speel wel graag spelletjes op internet


Logfile of HijackThis v1.98.2
Scan saved at 15:00:33, on 29-9-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Hotbar\bin\4.5.1.0\HbInst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\Kodak\KODAK Bildübertragungssoftware\pts.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hotbar\bin\4.5.1.0\HbSrv.exe
C:\DOCUME~1\ANGELI~1\LOCALS~1\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.extkaljaude.com/5OfFL7eLdiB__dFAaNuu/IdRLP/va4HR9zeYQd7MiEA.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gyfnqwgyddahbylqriudnx.i...68duznZDeGPP6ZPZL_nQC0T9poS7IYAUqQLrAIoO.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {0EE1EAC8-DF27-56EB-BB84-D43C3C3EC193} - C:\PROGRA~1\SECOND~1\meta third.exe
O2 - BHO: (no name) - {55221F6E-42F9-52B3-EDBD-CFDAF8EB595F} - C:\PROGRA~1\SECOND~1\programboob.exe (file missing)
O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
O3 - Toolbar: DashBar Toolbar - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - C:\Program Files\DashBar\DashBar17.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [amenjugs] C:\PROGRA~1\DUMBTI~1\TitleBookSize.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [mpegrectlovesect] C:\Documents and Settings\All Users\Application Data\LOAD SAFE MPEG RECT\SignSixth.exe
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\Aquatica\AQ3HEL~1.EXE /partner AQ3
O4 - HKLM\..\Run: [way lies name junk] C:\Documents and Settings\All Users\Application Data\Software gpl way lies\Gram Byte.exe
O4 - HKLM\..\Run: [Hotbar] C:\Program Files\Hotbar\bin\4.5.1.0\HbInst.exe /Upgrade
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: KODAK Bildübertragungssoftware.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
 
Laatst bewerkt:
Download lop.com uninstall en run het

Daarna zoek je in je softwarelijst of hotbar/webtools en dashbar erin aanwezig is en deinstalleer het.

Hijackthis runnen en volgende items fixen:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.extkaljaude.com/5OfFL7eL...zeYQd7MiEA.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gyfnqwgyddahbylqriudnx.i...AUqQLrAIoO.html
O2 - BHO: (no name) - {0EE1EAC8-DF27-56EB-BB84-D43C3C3EC193} - C:\PROGRA~1\SECOND~1\meta third.exe
O2 - BHO: (no name) - {55221F6E-42F9-52B3-EDBD-CFDAF8EB595F} - C:\PROGRA~1\SECOND~1\programboob.exe (file missing)
O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
O3 - Toolbar: DashBar Toolbar - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - C:\Program Files\DashBar\DashBar17.dll
O4 - HKLM\..\Run: [amenjugs] C:\PROGRA~1\DUMBTI~1\TitleBookSize.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [mpegrectlovesect] C:\Documents and Settings\All Users\Application Data\LOAD SAFE MPEG RECT\SignSixth.exe
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1\Aquatica\AQ3HEL~1.EXE /partner AQ3
O4 - HKLM\..\Run: [way lies name junk] C:\Documents and Settings\All Users\Application Data\Software gpl way lies\Gram Byte.exe
O4 - HKLM\..\Run: [Hotbar] C:\Program Files\Hotbar\bin\4.5.1.0\HbInst.exe /Upgrade
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe


Daarna pc in veilige mode opstarten en volgende items manueel verwijderen indien aanwezig:

C:\PROGRAM FILES\SECOND~1\<==deze map
C:\Program Files\Hotbar\<==deze map
C:\Program Files\DashBar\<==deze map
C:\PROGRAM FILES\DUMBTI~1\<==deze map
C:\Program Files\Common Files\CMEII\ <==deze map
C:\PROGRAM FILES\Aquatica\<==deze map
C:\Documents and Settings\All Users\Application Data\LOAD SAFE MPEG RECT\<==deze map
C:\Documents and Settings\All Users\Application Data\Software gpl way lies <==deze map
C:\Program Files\Common Files\GMT\<==deze map

Post daarna een nieuw logje.
Succes. ;-)
 
dank voor het s6.
Ik denk dat het gelukt is, alhoewel ik niet veel te verwijderen items kon terugvinden na gebruik van lop.com uninstall.

Hier is in ieder geval het nieuwe log.
Ikweet echter niet wanneer ik weer aan de pc ben, ga morgen weekendje weg.



Logfile of HijackThis v1.98.2
Scan saved at 20:07:12, on 30-9-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Kodak\KODAK Bildübertragungssoftware\pts.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/Default.asp?Ath=f
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mjtoqjgiqc.com/IZ4aTZKWJz7GN8WKRByockPMAY5/7jtcazx82l4YFhLcT9UMXyIhR9MT/Mf85wmv.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: KODAK Bildübertragungssoftware.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
 
Ik raad je wel aan om je messenger plus te deïnstalleren en daarna terug te installeren ZONDER sponsers.

Het volgende nog fixen in hjthis:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mjtoqjgiqc.com/IZ4aTZKWJ...MT/Mf85wmv.html

Deze mag eigenlijk ook nog weg:
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

Groetjes.
 
is gefixed, en tevens het nieuwe log
PS> messenger moet nog worden geregeld



Logfile of HijackThis v1.98.2
Scan saved at 14:33:11, on 3-10-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\KODAK Bildübertragungssoftware\pts.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/Default.asp?Ath=f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=runonce&pver=6.0&plcid=0x0413
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: KODAK Bildübertragungssoftware.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game12.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
 
Ok bedankt Miekiemoes

Tot een volgende keer :thumb: :thumb: :thumb: :thumb:
 
Status
Niet open voor verdere reacties.
                    Steun ons                    

Nieuwste berichten

Terug
Bovenaan Onderaan