Jump to content

hijack props with IE

frank

By frank
in Tech and Computers

 Share

Recommended Posts

frank

frank

Posted
Posted

wel it that time of year again and i dont like it :evil:

 

 

 

the prop is that the main page of IE is changed and loads of porn dating pup up when im not even using IE.

 

 

 

 

 

 

 

now i have scanned a few time's with all the scanning progs below the say removed but i just come's back again

 

 

 

 

 

 

 

i use windows xp sp2

 

 

 

IE

 

 

 

firefox

 

 

 

microsoft antispyware

 

 

 

webroot spysweeper

 

 

 

adware pro

 

 

 

sygate firewall

 

 

 

mcafee security center/virus scanner

 

 

 

 

 

 

 

here is my log

 

 

 

Logfile of HijackThis v1.99.0

 

 

 

Scan saved at 15:08:19, on 15-12-2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\csrss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\SOUNDMAN[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile]

 

 

 

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: ExecutableFile]

 

 

 

c:\progra~1\mcafee.com\vso\mcvsescn[Caution: ExecutableFile]

 

 

 

C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\jre1.5.0_05\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\Program Files\Logitech\SetPoint\SetPoint[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wdfmgr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\alg[Caution: ExecutableFile]

 

 

 

c:\progra~1\mcafee.com\vso\mcvsftsn[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: ExecutableFile]

 

 

 

c:\program files\mcafee.com\agent\mcdetect[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\McAfee.com\Agent\mcagent[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\explorer[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]

 

 

 

C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcvsshld[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcvsrte[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: ExecutableFile]

 

 

 

C:\Program Files\Azureus\Azureus[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\jre1.5.0_05\bin\javaw[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\nvctrl[Caution: ExecutableFile]

 

 

 

C:\Program Files\Sygate\SPF\smc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wbem\wmiprvse[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft AntiSpyware\gcasDtServ[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft AntiSpyware\gcasServ[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\mssearchnet[Caution: ExecutableFile]

 

 

 

C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]

 

 

 

D:\progs\Spysweeper\SpySweeper[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\WinRAR\WinRAR[Caution: ExecutableFile]

 

 

 

C:\Documents and Settings\franky\Bureaublad\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.nl

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagina.nl

 

 

 

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.startpagina.nl/

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

 

 

 

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpCF4F.tmp

 

 

 

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

 

 

 

O4 - HKLM\..\Run: [soundMan] SOUNDMAN[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

 

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install

 

 

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

 

 

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr[Caution: ExecutableFile]" /checktask

 

 

 

O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: ExecutableFile]" -lang 1033

 

 

 

O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc[Caution: ExecutableFile] -startgui

 

 

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

 

 

 

O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins[Caution: ExecutableFile] /v=3 /cleanup

 

 

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\RunOnce: [mcupdmgr[Caution: ExecutableFile]] c:\PROGRA~1\mcafee.com\agent\mcupdmgr[Caution: ExecutableFile] -regserver

 

 

 

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background

 

 

 

O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background

 

 

 

O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

 

 

 

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

 

 

 

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O14 - IERESET.INF: START_PAGE_URL=http://www.startpagina.nl

 

 

 

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

 

 

O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile]

 

 

 

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee WSC Integration - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee.com McShield - Unknown - c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee Task Scheduler - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee SecurityCenter Update Manager - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee.com VirusScan Online Realtime Engine - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte[Caution: ExecutableFile]

 

 

 

O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

 

 

 

O23 - Service: Sygate Personal Firewall - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc[Caution: ExecutableFile]

 

 

 

 

 

 

 

anny help would be welcome :!:

Link to comment
Share on other sites
Phil

Phil

Posted
Posted

OK first thing, make sure you scan your system with an updated virus scanner - use housecall for a free online one.

 

 

 

Next restart and then download the most recent version of hijackthis - 1.99.1 and post the log here.

 

 

 

There are a few nasties on that log, things from trojans, but will wait till I've seen the updated log.

sig2ho7.jpg
Link to comment
Share on other sites
frank

frank

Posted
  • Author
Posted

wel here is the new log

 

 

 

i have scanned my comp with every thing updated in safe mode

 

 

 

 

 

 

 

and still

 

 

 

my ie start page is changed :cry:

 

 

 

small not the new start up page offers me to download

 

 

 

2 progs

 

 

 

Spy Axe

 

 

 

Spy Trooper

 

 

 

 

 

 

 

now i wont download these but it might tell you guys what adware is on my comp

 

 

 

 

 

 

 

Logfile of HijackThis v1.99.1

 

 

 

Scan saved at 17:22:04, on 15-12-2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Sygate\SPF\smc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\SOUNDMAN[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile]

 

 

 

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\mcafee.com\vso\mcvsshld[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\mcafee.com\agent\mcagent[Caution: ExecutableFile]

 

 

 

c:\progra~1\mcafee.com\vso\mcvsescn[Caution: ExecutableFile]

 

 

 

C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\jre1.5.0_05\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\Program Files\DAEMON Tools\daemon[Caution: ExecutableFile]

 

 

 

C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch[Caution: ExecutableFile]

 

 

 

C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]

 

 

 

C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\Program Files\Webroot\Washer\wwDisp[Caution: ExecutableFile]

 

 

 

C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]

 

 

 

c:\program files\mcafee.com\agent\mcdetect[Caution: ExecutableFile]

 

 

 

C:\Program Files\Logitech\SetPoint\SetPoint[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcvsrte[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

 

 

 

c:\progra~1\mcafee.com\vso\mcvsftsn[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR[Caution: ExecutableFile]

 

 

 

C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wuauclt[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\WinRAR\WinRAR[Caution: ExecutableFile]

 

 

 

C:\Documents and Settings\franky\Bureaublad\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.nl

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagina.nl

 

 

 

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.startpagina.nl/

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

 

 

 

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpCF4F.tmp

 

 

 

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

 

 

 

O4 - HKLM\..\Run: [soundMan] SOUNDMAN[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

 

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install

 

 

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

 

 

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr[Caution: ExecutableFile]" /checktask

 

 

 

O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: ExecutableFile]" -lang 1033

 

 

 

O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc[Caution: ExecutableFile] -startgui

 

 

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

 

 

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins[Caution: ExecutableFile] /v=3 /cleanup

 

 

 

O4 - HKLM\..\RunOnce: [mcupdmgr[Caution: ExecutableFile]] c:\PROGRA~1\mcafee.com\agent\mcupdmgr[Caution: ExecutableFile] -regserver

 

 

 

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background

 

 

 

O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background

 

 

 

O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

 

 

 

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

 

 

 

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O14 - IERESET.INF: START_PAGE_URL=http://www.startpagina.nl

 

 

 

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

 

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile]

 

 

 

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee WSC Integration (McDetect[Caution: ExecutableFile]) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee Task Scheduler (McTskshd[Caution: ExecutableFile]) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr[Caution: ExecutableFile]) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte[Caution: ExecutableFile]

 

 

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

 

 

 

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc[Caution: ExecutableFile]

Link to comment
Share on other sites
Sharper

Sharper

Posted
Posted

If you don't recognise the URL in this entry then you can safely remove it.

 

 

 

 

 

 

 

O14 - IERESET.INF: START_PAGE_URL=http://www.startpagina.nl

 

 

 

 

 

 

 

Then you can remove this entry:

 

 

 

 

 

 

 

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpCF4F.tmp

 

 

 

 

 

 

 

Everything else in your log looks fine.

Link to comment
Share on other sites
frank

frank

Posted
  • Author
Posted

wel the startpagina is mine

 

 

 

 

 

 

 

i removed the second one and the add start up page is gone

 

 

 

 

 

 

 

if have run all other scans and im clean

 

 

 

ty for the help

Link to comment
Share on other sites
Mementh

Mementh

Posted
Posted

love your sig man...

 

 

 

 

 

 

 

congrats i hate spammers :(

mementh.jpeg

The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time

andrew i love you & want you to have my babys!!! <3:

Finally, I get to save the Earth with deadly lasers instead of deadly slide shows!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept