Logfile
Moderator: MandersOnline
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Logfile
Heb even een log file gemaakt aangezien mijn pc beetje raar doet de laatste tijd.
Logfile of HijackThis v1.97.7
Scan saved at 17:25:23, on 20-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\winnt\System32\internat.exe
C:\WINNT\system32\msiexec.exe
c:\winnt\system32\msiexec.exe
c:\winnt\system32\msiexec.exe
C:\winnt\explorer.exe
D:\Bewaren\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: UserInit=c:\winnt\system32\userinit.exe,"c:\winnt\symantec-service.exe",
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LiveUpdate] "D:\Program Files\Samsung\Samsung PC Studio 3\Update\Copyer.exe" -R
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... wmavax.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mv9VCM.CAB
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mvadvd.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.leeuwarden.nu/AxisCamControl.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
Logfile of HijackThis v1.97.7
Scan saved at 17:25:23, on 20-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\winnt\System32\internat.exe
C:\WINNT\system32\msiexec.exe
c:\winnt\system32\msiexec.exe
c:\winnt\system32\msiexec.exe
C:\winnt\explorer.exe
D:\Bewaren\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: UserInit=c:\winnt\system32\userinit.exe,"c:\winnt\symantec-service.exe",
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LiveUpdate] "D:\Program Files\Samsung\Samsung PC Studio 3\Update\Copyer.exe" -R
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... wmavax.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mv9VCM.CAB
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mvadvd.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.leeuwarden.nu/AxisCamControl.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
-
- Manders Online
- Berichten: 23688
- Lid geworden op: zo 03 aug 2003, 1:12
- Locatie: Amsterdam
- Contacteer:
Re: Logfile
Servicepack 4 mag er ook nog opBluethunder @ Di 20 Mrt 2007, 17:23 schreef:Heb even een log file gemaakt aangezien mijn pc beetje raar doet de laatste tijd.
Logfile of HijackThis v1.97.7
Scan saved at 17:25:23, on 20-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
F2 - REG:system.ini: UserInit=c:\winnt\system32\userinit.exe,"c:\winnt\symantec-service.exe",
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
Bezoek ook gerust de website https://mandersonline.nl
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Nieuwe log file
Logfile of HijackThis v1.97.7
Scan saved at 20:51:02, on 28-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Sitecom\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\IExpLORE.EXE
D:\Bewaren\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... wmavax.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mv9VCM.CAB
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mvadvd.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
Logfile of HijackThis v1.97.7
Scan saved at 20:51:02, on 28-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Sitecom\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\IExpLORE.EXE
D:\Bewaren\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... wmavax.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mv9VCM.CAB
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} - http://download.microsoft.com/download/ ... mvadvd.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
-
- Manders Online
- Berichten: 23688
- Lid geworden op: zo 03 aug 2003, 1:12
- Locatie: Amsterdam
- Contacteer:
Geen gekke dingen zo te vinden gebruik eens de 1.99.1 versie van Hijackthis krijg je iets meer opties in je scherm die eventueel rare dingen doen
Bezoek ook gerust de website https://mandersonline.nl
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Logfile of HijackThis v1.99.1
Scan saved at 0:26:13, on 29-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Sitecom\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\IExpLORE.EXE
C:\Program Files\Internet Explorer\IExpLORE.EXE
D:\Nodig\Hack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O20 - Winlogon Notify: WRNotifier - C:\winnt\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\winnt\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\winnt\System32\nvsvc32.exe
Scan saved at 0:26:13, on 29-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Sitecom\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\IExpLORE.EXE
C:\Program Files\Internet Explorer\IExpLORE.EXE
D:\Nodig\Hack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O20 - Winlogon Notify: WRNotifier - C:\winnt\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\winnt\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\winnt\System32\nvsvc32.exe
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Hoi,
Dit kan wel eens wijzen op een serieuze infectie!
Probeer eerst eens het volgende:
* Verwijder alle tijdelijke bestanden:
Open Internet Explorer > Extra > Internet Opties > Bestanden Verwijderen.
Download en installeer AVG Anti-Spyware.
Start op in veilige modus
Start AVG Anti-Spyware.
Dit kan wel eens wijzen op een serieuze infectie!
Probeer eerst eens het volgende:
* Verwijder alle tijdelijke bestanden:
Open Internet Explorer > Extra > Internet Opties > Bestanden Verwijderen.
Download en installeer AVG Anti-Spyware.
- Na de installatie, open AVG Anti-Spyware:
* onder "Status", klik op Change state naast "Resident shield". (wijzig van active naar inactive!)
* onder "Update", klik op de Start update knop.
* onder "Scanner", tab "Settings":- - onder "How to act?", klik op "Recommended actions" en selecteer Quarantine. (ZEER BELANGRIJK!)
* onder "Reports", selecteer Automatically generate report after every scan en verwijder het vinkje bij Only if threats were found
Sluit AVG Anti-Spyware. Laat het nog niet scannen. - - onder "How to act?", klik op "Recommended actions" en selecteer Quarantine. (ZEER BELANGRIJK!)
Start op in veilige modus
Start AVG Anti-Spyware.
- * Klik op Scan en kies Complete System Scan.
Na de scan; volg onderstaande instructies :
BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt !
* Draag er zorg voor dat Set all elements to: op Quarantine staat (1),
zo niet klik op de link en kies Quarantine in de popup menu. (2)
(Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !)
* Onderaan het venster klik op de Apply all Actions knop. (3)
* Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop Save Report.
* Klik in het menu bovenaan op Reports. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Hier de report:
VG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 23:48:30 29-3-2007
+ Scan result:
HKU\S-1-5-21-515967899-1972579041-839522115-1000\Software\Internet Security -> Adware.IntCodec : Cleaned with backup (quarantined).
C:\WINNT\system32\mb2.exe -> Backdoor.Small.oa : Cleaned with backup (quarantined).
D:\Bewaren\Messenger Plus! - Setup.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
D:\Bewaren\MsgPlus-254.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
C:\Documents and Settings\Admin\Cookies\admin@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@metacafe.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@tpgpost.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.72:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.73:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.290:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.291:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.47:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.133:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads49.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads50.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
:mozilla.190:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.191:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.299:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.301:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@com[2].txt -> TrackingCookie.Com : Cleaned.
:mozilla.15:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.294:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.153:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.154:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.155:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.156:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.239:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.240:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.117:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.298:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ie.search.MSN[2].txt -> TrackingCookie.MSN : Cleaned.
:mozilla.100:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.101:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.102:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.103:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.98:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.99:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@stat.onestat[1].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads.revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.126:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.128:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.129:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.226:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.227:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.28:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.428:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.157:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.158:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.159:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.160:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.161:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.162:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.164:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.165:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.166:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.149:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.150:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.151:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
D:\Bewaren\Radio\streaming.audio.manager.2.7.3.loader-tsrh.zip/Sam273Load.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined).
D:\tmp\Chris.zip/ChrisTV.Pro.4.05.NhT/ChrisTV Pro v4.05/OR BetaMaster_Crack/PATCH.EXE -> Trojan.Feutel.av : Cleaned with backup (quarantined).
D:\unzipped\streaming.audio.manager.2.7.3.loader-tsrh\Sam273Load.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined).
D:\Birttorent Downloads\avast! Antivirus 4.1.357\avast! Antivirus 4.1.357.rar/key.rar/loader.exe -> Trojan.Small : Cleaned with backup (quarantined).
::Report end
VG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 23:48:30 29-3-2007
+ Scan result:
HKU\S-1-5-21-515967899-1972579041-839522115-1000\Software\Internet Security -> Adware.IntCodec : Cleaned with backup (quarantined).
C:\WINNT\system32\mb2.exe -> Backdoor.Small.oa : Cleaned with backup (quarantined).
D:\Bewaren\Messenger Plus! - Setup.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
D:\Bewaren\MsgPlus-254.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
C:\Documents and Settings\Admin\Cookies\admin@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@metacafe.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@tpgpost.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.72:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.73:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.290:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.291:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.47:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.133:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads49.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads50.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
:mozilla.190:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.191:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.299:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.301:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@com[2].txt -> TrackingCookie.Com : Cleaned.
:mozilla.15:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.294:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.153:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.154:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.155:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.156:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.239:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.240:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.117:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.298:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ie.search.MSN[2].txt -> TrackingCookie.MSN : Cleaned.
:mozilla.100:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.101:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.102:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.103:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.98:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.99:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@stat.onestat[1].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@ads.revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Admin\Cookies\admin@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.126:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.128:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.129:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.226:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.227:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.28:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.428:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.157:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.158:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.159:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.160:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.161:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.162:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.164:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.165:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.166:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.149:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.150:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.151:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rybzynyk.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
D:\Bewaren\Radio\streaming.audio.manager.2.7.3.loader-tsrh.zip/Sam273Load.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined).
D:\tmp\Chris.zip/ChrisTV.Pro.4.05.NhT/ChrisTV Pro v4.05/OR BetaMaster_Crack/PATCH.EXE -> Trojan.Feutel.av : Cleaned with backup (quarantined).
D:\unzipped\streaming.audio.manager.2.7.3.loader-tsrh\Sam273Load.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined).
D:\Birttorent Downloads\avast! Antivirus 4.1.357\avast! Antivirus 4.1.357.rar/key.rar/loader.exe -> Trojan.Small : Cleaned with backup (quarantined).
::Report end
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 23:54:26, on 29-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Sitecom\BLUETO~1\BTSTAC~1.EXE
D:\Nodig\Hack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O20 - Winlogon Notify: WRNotifier - C:\winnt\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\winnt\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\winnt\System32\nvsvc32.exe
Logfile of HijackThis v1.99.1
Scan saved at 23:54:26, on 29-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Sitecom\BLUETO~1\BTSTAC~1.EXE
D:\Nodig\Hack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O20 - Winlogon Notify: WRNotifier - C:\winnt\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\winnt\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\winnt\System32\nvsvc32.exe
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Hoi,
Het report en het logje zijn hetzelfde Sorry voor de onduidelijkheid.
Probeer eens het volgende:
* Open Hijackthis, scan en vink de volgende items aan:
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} - (no file)
* Sluit alle vensters en klik "Fix Checked"
Probeer nu nogmaals Fixwareout te runnen.
Post het logje van Fixwareout samen met een nieuw HJT logje aub.
Het report en het logje zijn hetzelfde Sorry voor de onduidelijkheid.
Probeer eens het volgende:
* Open Hijackthis, scan en vink de volgende items aan:
O17 - HKLM\System\CCS\Services\Tcpip\..\{46B7ED7E-DEA8-4C68-A04E-7BC5511C8660}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C6635DA-0659-4611-B51B-F7C408CCF8BE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA5814-CF7F-4798-BDDF-53A64C45C9AB}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} - (no file)
* Sluit alle vensters en klik "Fix Checked"
Probeer nu nogmaals Fixwareout te runnen.
Post het logje van Fixwareout samen met een nieuw HJT logje aub.
-
- Beginner
- Berichten: 17
- Lid geworden op: zo 17 dec 2006, 21:18
Fixwareout wil nog steeds niet.
Heb wel een nieuwe logje van HJT:
Logfile of HijackThis v1.99.1
Scan saved at 18:54:13, on 30-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Nodig\Hack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O20 - Winlogon Notify: WRNotifier - C:\winnt\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\winnt\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\winnt\System32\nvsvc32.exe
Heb wel een nieuwe logje van HJT:
Logfile of HijackThis v1.99.1
Scan saved at 18:54:13, on 30-3-2007
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\System32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\hidserv.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
C:\winnt\System32\CTHELPER.EXE
C:\Program Files\KMaestro\KMaestro.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Nodig\Hack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Video Blaster WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\KMaestro\KMaestro.exe"
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [PopUpSlasher] "C:\Program Files\Omniquad PopUpSlasher\PSlasher.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Global Startup: BTTray.lnk = C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Exporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\avgfwafu.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/Outlookaddressbook.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.MSN.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9367730062
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.org/statics/Aurigma/ ... oader4.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.McAfee.com/molbin/iss-l ... cfscan.cab
O20 - Winlogon Notify: WRNotifier - C:\winnt\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\winnt\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
O23 - Service: Logical Disk Manager Administrative-service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\winnt\System32\nvsvc32.exe