antivirus.startpagina.nl

Pop-Ups

  • Anonymous avatar

    Robert

    Hallo….ik krijg sinds een tijd vervelende pop-ups en krijg ze niet weg met norton en hitman pro….kan iemand me helpen ?

    Alvast bedankt…

    Robert

    Logfile of HijackThis v1.99.0

    Scan saved at 19:32:12, on 1-11-2005

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Spyware Nuker 2004\swn2.exe

    C:\WINDOWS\Dit.exe

    C:\WINDOWS\system32\RunDll32.exe

    C:\Program Files\Common Files\Symantec Shared\ccApp.exe

    C:\WINDOWS\DitExp.exe

    C:\WINDOWS\system32\RUNDLL32.EXE

    C:\Program Files\SurfAccuracy\SAcc.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\WinZip\WZQKPICK.EXE

    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

    C:\Program Files\Norton AntiVirus\navapsvc.exe

    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\NewsLeecher\newsLeecher.exe

    C:\Program Files\NewsLeecher\newsLeecher.exe

    C:\Program Files\MSN Messenger\msnmsgr.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\Robert.ROBERT-AAQO9X24\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nld.chello.nl/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nld.chello.nl/

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door chello broadband n.v.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    R3 - Default URLSearchHook is missing

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll

    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl\msntb.dll

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

    O4 - HKLM\..\Run: C:\Program Files\Spyware Nuker 2004\swn2.exe /h

    O4 - HKLM\..\Run: C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

    O4 - HKLM\..\Run: Dit.exe

    O4 - HKLM\..\Run: RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”

    O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -u

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: nwiz.exe /install

    O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: C:\Program Files\SurfAccuracy\SAcc.exe

    O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKCU\..\Run: “C:\Program Files\Messenger\msmsgs.exe” /background

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab

    O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (Installer Class) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB

    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab

    O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.3.5.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab

    O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28177.cab

    O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (clsDefault Class) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB

    O17 - HKLM\System\CCS\Services\Tcpip\..\{67A5AB24-1681-4A7F-9E0C-00543A62F138}: NameServer = 62.108.1.65,62.108.1.66

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - “C:\PROGRA~1\MSNMES~1\msgrapp.dll” (file missing)

    O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

    O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

    O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

    O23 - Service: EpsonBidirectionalService - Unknown - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

    O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

    O23 - Service: Norton AntiVirus Auto-Protect-service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

    O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

    O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

    O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

    O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

    O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

  • Anonymous avatar

    Auk

    Robert schreef:

    > krijg ze niet weg met hitman pro…

    Wat lees ik dat toch vaak.

    Waarom dacht je dat het WEL zou lukken met Hitman Prut ?

    Auk

  • Anonymous avatar

    beek

    auk

    hij vraagt om hulp en niet om hitman pro gezeik

    DAT LEES IK VAAK

  • Anonymous avatar

    Auk

    beek schreef:

    > hij vraagt om hulp en niet om hitman pro gezeik

    Geef 'm dat dan.

    Auk

  • Anonymous avatar

    Peter

    Auk schreef:

    > Geef 'm dat dan.

    >

    > Auk

    Okee :-)

    Hoi Robert,

    Klik bovenaan de pagina eens op het rode ‘lees dit eerst’, volg even de aangegeven stappen en plaats dan het logbestand in dit topic. Eén van de experts zal je dan verder helpen.

  • Anonymous avatar

    MANONNA

    Je hebt een oude Hijakthis en die spywarenuker kan er alvast af..dat is een nepscanner.

  • Anonymous avatar

    Knutselsmurf

    Tis de 2004 spywarenuker,..

    Note on SpywareNuker & pcOrion: Spyware Nuker and pcOrion are re-branded clones of one another; both are distributed by TrekBlue/TrekData. Spyware Nuker and pcOrion were listed on this page on this page primarily because of issues surrounding Version 1 of Spyware Nuker, because of TrekBlue's murky relationship with the adware distributor BlueHaven Media, and because of objectionable advertising that used to appear on the pcOrion home page.

    Version 1 of Spyware Nuker had a deservedly poor reputation. It was a clone of BPS Spyware & Adware Remover, which itself is a rip-off of Ad-aware (1, 2) and Spybot Search & Destroy (1, 2, 3, 4, 5). Moreover, it was prone to ridiculous false positives, like the other clones of BPS Spyware & Adware Remover. (Contrary to allegations on the Net, no version of SpywareNuker or pcOrion, so far as we can tell, has itself installed adware or spyware.)

    In the late spring or early summer of 2004, TrekBlue released a new version of SpywareNuker (version 2, also known as SpywareNuker 2004) which is not built on the codebase licensed from BPS (1). Testing with this new version – also released under the name pcOrion – indicates that it does detect and remove spyware and adware. Moreover it is not prone to inexcusable false positives, as its predecessor was. Thus, the new SpywareNuker 2004 is a significant improvement on the justly discredited original version of SpywareNuker. Still further, the objectionable advertising on the pcOrion home page has been removed, and TrekBlue/TrekData has taken steps to clarify the history of its relationship with BlueHaven, which is no longer a TrekBlue/TrekData company. (1, 2)

    Given that the issues surrounding Spyware Nuker and pcOrion have been addressed by the TrekBlue/TrekData, we can no longer consider Spyware Nuker or pcOrion to be “rogue/suspect” anti-spyware

    smurfie:)

  • Anonymous avatar

    MANONNA

    Hij heeft op de lijst gestaan en dan vertrouw ik hem nog steeds niet..Leven gebeterd of niet.

    Dus voor mij geen spywarenuker..xoftspy of meer van die vage progjes..Jammer voor ze.

  • Anonymous avatar

    Auk

    MANONNA schreef:

    > Hij heeft op de lijst gestaan en dan vertrouw ik hem nog

    > steeds niet..Leven gebeterd of niet.

    Zo is dat.

    Auk

  • Anonymous avatar

    Knutselsmurf

    Tja, tis mijn proggie ook niet, kopieerde alleen een stukkie van de hier

    alom geroemde rogue list :) voor war het waard is dus.