Darunia
wzl-lid
Sinds 18/12/2004
T: 6
R: 336
|
5/1/2006 -
1:43u
| Quote
|
Excuses aan allen aan wie ik mijn belofte niet heb kunnen nakomen. Wegens grote drukte in het privéleven en bijscholing op het internet is het er niet van gekomen om julie hijackthislog te controleren. Mijn fout.
Tot nu dus, ik ben weer geheel klaar om spyware-infecties en dergelijke te bestrijden. Gooi ze desnoods maar in deze topic.
D.
|
Jozef
wzl-lid
Sinds 26/9/2004
T:6 -
R:58
|
12/1/2006 -
13:03u
| Quote
|
Zoude dit eens willen nazien aub?
tnx
Logfile of HijackThis v1.99.1
Scan saved at 13:02:10, on 12/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CA\eTrust\InoculateIT\realmon.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
C:\WINDOWS\LogWatNT.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Stefnie\Bureaublad\Hijack\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tbgfeqcnqivrtwommznyo.com/tQN07D23ZR0MS9ElsNGaOob2NKSVdB37Z2zMvL1qUNima9ZTRqTcdyrufvCc/wsG.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrust\InoculateIT\realmon.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O8 - Extra context menu item: E&xport to Microsoft Excel - res /C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F- 305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: eTrust InoculateIT RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
O23 - Service: eTrust InoculateIT Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
O23 - Service: eTrust InoculateIT Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\WINDOWS\LogWatNT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
|
Element
wzl-lid
Sinds 25/9/2004
T:37 -
R:677
|
13/1/2006 -
20:33u
| Quote
|
je mag is kijken van mij als je teveel tijd hebt..
kwil niet profiteren van je goedheid!
je bent een mens met een goed hart.
Logfile of HijackThis v1.99.1
Scan saved at 20:31:37, on 13/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Samurize\Client.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aldi.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: SpeedTouch Dial-up (2).lnk = C:\Program Files\Alcatel\SpeedTouch USB\stdialup.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res/C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{426D9787-8C04-4BE2-92F8-B84D2E433E7C}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\MORTIE~1\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
15/1/2006 -
12:43u
| Quote
|
Jozef hijackthislog:
Verwijder via Configuratiescherm > Software volgende zaken indien aanwezig:
messengerplus Je hebt last van de lopcom-infectie.
Open opdrachtenpromt (via Bureauaccesoires) en kopieer onderstaande code erin:
@echo off
Dir "%WinDir%\Tasks\*.job" /a /o > jobs.txt
echo.>>jobs.txt
Start jobs.txt
Exit
Nu dient er een logbestand te komen. Plaats de inhoud van dit logje hier, alsmede een nieuw hijackthislog.
|
stefnie
wzl-lid
Sinds 25/3/2005
T:0 -
R:4
|
17/1/2006 -
16:27u
| Quote
|
Heey bedankt !
hier is wat er in de log stond
(wat er onder jozef gepost stond is van mijn pc  )
De volumenaam van station C is harde schijf Stephanie
Het volumenummer is 800E-593E
Map van C:\WINDOWS\Tasks
17/01/2006 16:00 274 AE4E55EF9185C66B.job
1 bestand(en) 274 bytes
0 map(pen) 57.407.606.784 bytes beschikbaar
grtz
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
17/1/2006 -
21:21u
| Quote
|
Element hijackthislog:
Deze fixen:
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O23 - Service: hpdj - unknown owner - c:\docume~1\mortie~1\locals~1\temp\hpdj.exe (file missing)
Nieuwe log plaatsen (belangrijk!).
|
stefnie
wzl-lid
Sinds 25/3/2005
T:0 -
R:4
|
19/1/2006 -
9:06u
| Quote
|
|
moet ik die gewoon verwijderen of..?
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
19/1/2006 -
17:21u
| Quote
|
stefnie schreef:
moet ik die gewoon verwijderen of..?
Nee, dit zijn instructies voor Element. De jouwe volgen nog.
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
19/1/2006 -
17:25u
| Quote
|
Instructies Stefni:
Open een kladblokbestand en kopieer onderstaande code erin:
%systemdrive%
cd C:\WINDOWS\Tasks
attrib -r -s -h AE4E55EF9185C66B.job
del AE4E55EF9185C66B.job
Sla dit bestand op als remjobs.bat op je bureaublad. Zorg er dus voor dat bij opslaan als type 'alle bestanden' aangeduid staat.
Draai nu remjobs.bat.
Plaats terug twee nieuwe logjes (hijackthis en eentje van opdrachtpromt).
|
stefnie
wzl-lid
Sinds 25/3/2005
T:0 -
R:4
|
19/1/2006 -
19:17u
| Quote
|
ow sorry
heb kladblokbestand op bureaublad gezet, maar als ik da open
opent opdrachtprompt wel maar blijft ni staan(sluit maw) zodak kan lezen wat er staat of kopiëren .. 
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
19/1/2006 -
20:37u
| Quote
|
Dat is normaal. Voer terug deze instructies uit:
Open opdrachtenpromt (via Bureauaccesoires) en kopieer onderstaande code erin:
@echo off
Dir "%WinDir%\Tasks\*.job" /a /o > jobs.txt
echo.>>jobs.txt
Start jobs.txt
Exit
Nu dient er een logbestand te komen. Plaats de inhoud van dit logje hier, alsmede een nieuw hijackthislog.
|
stefnie
wzl-lid
Sinds 25/3/2005
T:0 -
R:4
|
22/1/2006 -
21:56u
| Quote
|
ok, merci
dees is van de opdrachtenprompt
De volumenaam van station C is harde schijf Stephanie
Het volumenummer is 800E-593E
Map van C:\WINDOWS\Tasks
en dees van hijack
Logfile of HijackThis v1.99.1
Scan saved at 21:55:15, on 22/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CA\eTrust\InoculateIT\realmon.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
C:\WINDOWS\LogWatNT.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Stefnie\Bureaublad\Hijack\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tbgfeqcnqivrtwommznyo.com/tQN07D23ZR0MS9ElsNGaOob2NKSVdB37Z2zMvL1qUNima9ZTRqTcdyrufvCc/wsG.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrust\InoculateIT\realmon.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res/C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: eTrust InoculateIT RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
O23 - Service: eTrust InoculateIT Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
O23 - Service: eTrust InoculateIT Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\WINDOWS\LogWatNT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
28/1/2006 -
17:06u
| Quote
|
|
Nog problemen Stefni?
|
Element
wzl-lid
Sinds 25/9/2004
T:37 -
R:677
|
30/1/2006 -
8:59u
| Quote
|
Logfile of HijackThis v1.99.1
Scan saved at 8:58:33, on 30/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aldi.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: SpeedTouch Dial-up (2).lnk = C:\Program Files\Alcatel\SpeedTouch USB\stdialup.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res/C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{426D9787-8C04-4BE2-92F8-B84D2E433E7C}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {6D45881D-DEDD-40B9-9C3B-A77ED32A0C81} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
voila  en kan ik de 018'en van logitech wegdoen?
Laatst aangepast door
Element
op 30/01/2006 9:00:05u
(1x aangepast)
|
D3ton8oR
Stella-man
Sinds 15/10/2003
T:32 -
R:1581
|
30/1/2006 -
10:56u
| Quote
|
Kunde es checken plz (as ge tijd hebt)
Logfile of HijackThis v1.99.0
Scan saved at 10:52:18, on 30/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\Program Files\telenet internet security pack\Anti-Virus\fsgk32st.exe
C:\Program Files\telenet internet security pack\backweb\3638286\Program\fspex.exe
C:\Program Files\telenet internet security pack\Anti-Virus\FSGK32.EXE
C:\WINDOWS\mHotkey.exe
C:\Program Files\telenet internet security pack\backweb\3638286\program\fsbwsys.exe
C:\Program Files\telenet internet security pack\Common\FSMA32.EXE
C:\WINDOWS\CNYHKey.exe
C:\Program Files\telenet internet security pack\Anti-Virus\fssm32.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\telenet internet security pack\Common\FSMB32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\telenet internet security pack\Common\FSM32.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\telenet internet security pack\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\telenet internet security pack\Common\FAMEH32.EXE
C:\Program Files\telenet internet security pack\FSPC\fspc.exe
C:\Program Files\telenet internet security pack\Anti-Virus\fsrw.exe
C:\Program Files\telenet internet security pack\Anti-Virus\fsav32.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\qliner\HotKeys\HotKeys.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\telenet internet security pack\FWES\Program\fsdfwd.exe
C:\PROGRA~1\TELENE~1\ANTI-S~1\fsaw.exe
C:\Program Files\telenet internet security pack\FSGUI\fsguidll.exe
C:\Program Files\Gamers.IRC\mirc.exe
C:\Program Files\telenet internet security pack\FSGUI\fsavgui.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\Nicola\LOCALS~1\Temp\_PA560\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wzl.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-DCF7-F96DA086B434} - (no file)
O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-159E03E829FD} - C:\WINDOWS\system32\lmf32v.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [firewall_anti] C:\WINDOWS\firewall_anti.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [xhrmy] C:\WINDOWS\Xhrmy.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\telenet internet security pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\telenet internet security pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\telenet internet security pack\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - Startup: HotKeys.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Deze pop-up blokkeren - C:\Program Files\telenet internet security pack\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res/C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res/C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webpaginafilter tijdelijk uit - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Deze website &weigeren - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Deze website &toestaan - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\telenet internet security pack\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\telenet internet security pack\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: RaptisoftGameLoader - http://www.raptisoft.com/webgames/raptisoftgameloader.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/inflaterball/miniclipGameLoader.dll
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/inflaterball/miniclipGameLoader.dll
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} - https/www.marketscore.com/Config/setup.exe
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://www.telenet.be/sys/tisp/ocx/PlaNetSysInfo.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/23b2b94751f7cd2f3306/netzip/RdxIE601.cab
O16 - DPF: {0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https/h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.5/Installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://real.gamehouse.com/real/games/SproutLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {E87F6C-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp07.photoprintit.de/microsite/1287/defaults/activex/XUpload.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04FC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINDOWS\system32\lmf32v.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Telenet Internet Security Pack - Unknown - C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown - C:\Program Files\telenet internet security pack\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - Unknown - C:\Program Files\telenet internet security pack\backweb\3638286\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon - F-Secure Corporation - C:\Program Files\telenet internet security pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server - F-Secure Corporation - C:\Program Files\telenet internet security pack\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\telenet internet security pack\Common\FSMA32.EXE
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
30/1/2006 -
19:34u
| Quote
|
@ Stefnie:
Deze nog fixen, pc heropstarten en nieuwe log plaatsen.
R1 - hkcu\software\microsoft\internet explorer\main,search bar = http://www.tbgfeqcnqivrtwommznyo.com/tqn07d23zr0ms9elsngaoob2nksvdb37z2zmvl1qunima9ztrqtcdyrufvcc/wsg.html
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
30/1/2006 -
19:37u
| Quote
|
@ D3ton8oR
Download even de nieuwste versie van hijackthis (1.99.1) en plaats een nieuwe log.
|
D3ton8oR
Stella-man
Sinds 15/10/2003
T:32 -
R:1581
|
31/1/2006 -
16:18u
| Quote
|
Woops, sorry Hier is em
Logfile of HijackThis v1.99.1
Scan saved at 16:17:17, on 31/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\telenet internet security pack\Anti-Virus\fsgk32st.exe
C:\Program Files\telenet internet security pack\Anti-Virus\FSGK32.EXE
C:\Program Files\telenet internet security pack\Anti-Virus\fssm32.exe
C:\Program Files\telenet internet security pack\Common\FSMA32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\qliner\HotKeys\HotKeys.exe
C:\Program Files\telenet internet security pack\Common\FSLAUNCHER0.EXE
C:\Program Files\Gamers.IRC\mirc.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\wamp\wampserver.exe
c:\wamp\apache2\bin\Apache.exe
C:\wamp\apache2\bin\Apache.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Nicola\LOCALS~1\Temp\_PA129\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wzl.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-DCF7-F96DA086B434} - (no file)
O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-159E03E829FD} - C:\WINDOWS\system32\lmf32v.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [firewall_anti] C:\WINDOWS\firewall_anti.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [xhrmy] C:\WINDOWS\Xhrmy.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\telenet internet security pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\telenet internet security pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\telenet internet security pack\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - Startup: HotKeys.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Deze pop-up blokkeren - C:\Program Files\telenet internet security pack\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res/C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res/C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webpaginafilter tijdelijk uit - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Deze website &weigeren - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Deze website &toestaan - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\telenet internet security pack\FSPC\fspcmsie.dll
O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\telenet internet security pack\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\telenet internet security pack\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: RaptisoftGameLoader - http://www.raptisoft.com/webgames/raptisoftgameloader.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/inflaterball/miniclipGameLoader.dll
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/inflaterball/miniclipGameLoader.dll
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} - https/www.marketscore.com/Config/setup.exe
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://www.telenet.be/sys/tisp/ocx/PlaNetSysInfo.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/23b2b94751f7cd2f3306/netzip/RdxIE601.cab
O16 - DPF: {0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https/h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.5/Installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://real.gamehouse.com/real/games/SproutLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {E87F6C-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp07.photoprintit.de/microsite/1287/defaults/activex/XUpload.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04FC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINDOWS\system32\lmf32v.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - Unknown owner - C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\telenet internet security pack\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\telenet internet security pack\backweb\3638286\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\telenet internet security pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\telenet internet security pack\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\telenet internet security pack\Common\FSMA32.EXE
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
2/2/2006 -
15:55u
| Quote
|
Element schreef:
kan ik de 018'en van logitech wegdoen?
Zijn niet schadelijk. Als je de desktop logitech messenger niet gebruikt, mag je ze wegdoen. Nog beter is het hele goedje te deïnstalleren vanuit configuratiescherm > software. Als je het progje wel gebruikt, laat je alles staan.
Pc is clean alleszins. Houden zo! 
|
Darunia
wzl-lid
Sinds 18/12/2004
T:6 -
R:336
|
9/2/2006 -
17:46u
| Quote
|
@ D3ton8oR -> je instructies in nieuw topic geplaatst, anders kan ik er niet meer aan uit.
|
DenBertrand
wzl-lid
Sinds 11/1/2006
T:2 -
R:50
|
10/2/2006 -
14:58u
| Quote
|
messengerplus Je hebt last van de lopcom-infectie. Waar haal je dat eigenlijk vandaan?
|
