Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

problemen

chimpie
10 antwoorden
  • hai, mijn pc vertoond vreemde kuren: mijn bureaubladachtergrond verschijnt direct na het opstarten maar zodra alle pictogrammen te zien zij is het bureaublad ineens grijs, mijn toetsenbord valt uit, evenals mijn muis. verdachte dingen nietwaar? iemand enig idee hoe dit kan komen? onlangs geinstalleerde programma's zijn live messenger en google earth.. verder geen gekke dingen gedaan, en alle scanners (mcafee, adaware, defender) vinden niets.. bvd dennis!
  • dat kan verschillende oorzaak hebben, met een HJT logje zie ik meer.

    wil je die hier downloaden en hier een hijackthislogje plaatsen aub.

    J :wink:
  • tuurlijk komt 'ie!


    Logfile of HijackThis v1.99.1
    Scan saved at 18:54:19, on 9-11-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\PROGRA~1\MEDIAK~1\MagicKey.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\MEDIAK~1\OSD.exe
    C:\Program Files\bluetooth\BlueSoleil.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\bluetooth\BTNtService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 3 voor hijackthis.zip\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin
    pjpi150_09.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin
    pjpi150_09.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108w.bay108.mail.live.com/mail
    esources/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\bluetooth\BTNtService.exe
    O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • ondanks ik niks bijzonders zie wil ik je deze scanner aanbieden.

    Download en installeer [b:0f52557194]AVG Anti-Spyware[/b:0f52557194].[list:0f52557194]
    Na de installatie, open AVG Anti-Spyware:
    * onder "[b:0f52557194]Status[/b:0f52557194]", klik op [b:0f52557194]Change state[/b:0f52557194] naast "Resident shield". (wijzig van active naar [b:0f52557194]inactive[/b:0f52557194]!)
    * onder "[b:0f52557194]Update[/b:0f52557194]", klik op de [b:0f52557194]Start update[/b:0f52557194] knop.
    * onder "[b:0f52557194]Scanner[/b:0f52557194]", tab "Settings":[list:0f52557194]- onder "How to act?", klik op "[u:0f52557194]Recommended actions[/u:0f52557194]" en selecteer [b:0f52557194]Quarantine[/b:0f52557194]. ([b:0f52557194]ZEER BELANGRIJK![/b:0f52557194])
    * onder "Reports", selecteer [b:0f52557194]Automatically generate report after every scan[/b:0f52557194] en [u:0f52557194]verwijder[/u:0f52557194] het vinkje bij [b:0f52557194]Only if threats were found[/b:0f52557194][/list:u:0f52557194]
    Sluit AVG Anti-Spyware. Laat het [b:0f52557194]nog niet[/b:0f52557194] scannen.[/list:u:0f52557194]

    Start op in veilige modus

    Start [b:0f52557194]AVG Anti-Spyware[/b:0f52557194].[list:0f52557194]* Klik op [b:0f52557194]Scan[/b:0f52557194] en kies [b:0f52557194]Complete System Scan[/b:0f52557194].
    Na de scan; volg onderstaande instructies :
    BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt ![/color:0f52557194]
    * Draag er zorg voor dat [b:0f52557194]Set all elements to[/b:0f52557194]: op [b:0f52557194]Quarantine[/b:0f52557194] staat (1)[/color:0f52557194],
    zoniet klik op de link en kies [b:0f52557194]Quarantine[/b:0f52557194] in de popup menu. (2)[/color:0f52557194]
    (Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !)
    * Onderaan het venster klik op de [b:0f52557194]Apply all Actions[/b:0f52557194] knop. (3)[/color:0f52557194]
    [img:0f52557194]http://home.scarlet.be/~topalex/ewidoscan.jpg[/img:0f52557194]
    * Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop [b:0f52557194]Save Report[/b:0f52557194].
    * Klik in het menu bovenaan op [b:0f52557194]Reports[/b:0f52557194]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.[/list:u:0f52557194]


    succes
    J :wink:
  • komt ie:

    ———————————————————
    AVG Anti-Spyware - Scan Report
    ———————————————————

    + Created at: 20:36:38 9-11-2006

    + Scan result:



    :mozilla.98:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.99:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.204:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Addcontrol : Cleaned.
    :mozilla.239:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.240:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.241:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.23:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.24:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.25:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.26:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.27:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.28:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.29:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.10:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.11:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.12:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.6:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.7:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.8:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    C:\Program Files\Spy Cleaner Gold\Backup\09_11_200502_57_25.zip/4.scl -> TrackingCookie.Onestat : Cleaned.
    C:\Program Files\Spy Cleaner Gold\Backup\09_15_200523_52_43.zip/10.scl -> TrackingCookie.Onestat : Cleaned.
    C:\Documents and Settings\dennis en patrice\Cookies\dennis en patrice@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Cleaned.
    :mozilla.194:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.195:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.196:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.197:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.198:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.170:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.182:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.186:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.190:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.223:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.229:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.256:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.41:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.59:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.60:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.87:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.89:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.101:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.102:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Program Files\Spy Cleaner Gold\Backup\09_15_200523_52_43.zip/17.scl -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.168:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.169:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    ::Report end
  • nog steeds niks bijzonders :-?

    Nieuw HJT logje aub.
  • komt ie:

    Logfile of HijackThis v1.99.1
    Scan saved at 0:52:02, on 11-11-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\bluetooth\BTNtService.exe
    C:\PROGRA~1\MEDIAK~1\MagicKey.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\MEDIAK~1\OSD.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    c:\program files\mcafee.com\agent\mcdetect.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\bluetooth\BlueSoleil.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 4 voor hijackthis.zip\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin
    pjpi150_09.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin
    pjpi150_09.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108w.bay108.mail.live.com/mail
    esources/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\bluetooth\BTNtService.exe
    O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • moet ik dit eigenlijk niet ook in veilige modus doen trouwens?
  • wat in veilige modus een HJT logje maken, nee juist niet.



    Wil je eerst eens een HijackThis- StartupList logje plaatsen.
    Hierin is veel duidelijker te zien wat er allemaal wordt opgestart:

    - Open [b:fe054e0549]HijackThis[/b:fe054e0549]

    - Klik op [b:fe054e0549]"Config"[/b:fe054e0549]

    - Klik op [b:fe054e0549]"Misc Tools"[/b:fe054e0549]

    - Zet een vinkje in [b:fe054e0549]"List also minor sections (full)"[/b:fe054e0549]

    - Klik op [b:fe054e0549]"Generate StartupList log"[/b:fe054e0549]

    - Klik op [b:fe054e0549]"Ja"[/b:fe054e0549] om de log te maken

    [i:fe054e0549]Het StartupList log wordt nu weergegeven in je kladblok.[/i:fe054e0549]

    - Druk (op je toetsenbord) achtereenvolgens op [b:fe054e0549]ctrl+a[/b:fe054e0549] en [b:fe054e0549]ctrl+c[/b:fe054e0549] om de gehele tekst te selecteren en te kopieren.

    - Plaats het log hier dmv de toetsen [b:fe054e0549]ctrl+v[/b:fe054e0549] (plakken)

    bvd J

    8)
  • StartupList report, 12-11-2006, 11:23:23
    StartupList version: 1.52.2
    Started from : C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 5 voor hijackthis.zip\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\bluetooth\BTNtService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\PROGRA~1\MEDIAK~1\MagicKey.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\MEDIAK~1\OSD.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\bluetooth\BlueSoleil.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 5 voor hijackthis.zip\HijackThis.exe

    ————————————————–

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\dennis en patrice\Menu Start\Programma's\Opstarten]
    Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
    BlueSoleil.lnk = ?
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    ————————————————–

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    PCMService = "C:\Program Files\Dell\Media Experience\PCMService.exe"
    Dell Photo AIO Printer 922 = "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
    BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    LVCOMSX = C:\WINDOWS\system32\LVCOMSX.EXE
    HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    igfxtray = C:\WINDOWS\system32\igfxtray.exe
    igfxhkcmd = C:\WINDOWS\system32\hkcmd.exe
    igfxpers = C:\WINDOWS\system32\igfxpers.exe
    SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe
    SunJavaUpdateSched = "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    MCUpdateExe = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    MPFExe = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    VSOCheckTask = "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    VirusScan Online = C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    OASClnt = C:\Program Files\McAfee.com\VSO\oasclnt.exe
    Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    MagicKey = C:\PROGRA~1\MEDIAK~1\MagicKey.exe
    PCSuiteTrayApplication = C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup

    ————————————————–

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    Spyware Doctor = "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    PcSync = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    ————————————————–

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

    ————————————————–

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\system32\SSTEXT3D.SCR
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    ————————————————–

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    ————————————————–

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    ————————————————–

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

    ————————————————–

    Enumerating Task Scheduler jobs:

    MP Scheduled Scan.job

    ————————————————–

    Enumerating Download Program Files:

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

    [Shockwave ActiveX Control]
    InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    [ewidoOnlineScan Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL
    CODEBASE = http://download.ewido.net/ewidoOnlineScan.cab

    [Minesweeper Flags Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\minesweeper.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc2.cab

    [MSN Photo Upload Tool]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
    CODEBASE = http://by108w.bay108.mail.live.com/mail
    esources/MsnPUpld.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

    [MsnMessengerSetupDownloadControl Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
    CODEBASE = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

    [ZoneIntro Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
    CODEBASE = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

    [Virtools WebPlayer Class]
    InProcServer32 = C:\Program Files\Virtools Web Player 3.0\WebPlayer.ocx
    CODEBASE = http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Solitaire Showdown Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll
    CODEBASE = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

    ————————————————–

    Enumerating Winsock LSP files:

    NameSpace #4: C:\WINDOWS\system32\wshbth.dll

    ————————————————–

    Enumerating Windows NT/2000/XP services

    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart)
    BlueSoleil Hid Service: C:\Program Files\bluetooth\BTNtService.exe (autostart)
    Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
    Services voor cryptografie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
    DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
    Service voor het rapporteren van fouten: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    Fax: %systemroot%\system32\fxssvc.exe (autostart)
    Help en ondersteuning: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    McAfee WSC Integration: c:\program files\mcafee.com\agent\mcdetect.exe (autostart)
    McAfee.com McShield: c:\PROGRA~1\mcafee.com\vso\mcshield.exe (autostart)
    McAfee Task Scheduler: c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (autostart)
    McAfee Personal Firewall Service: C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC-services: %SystemRoot%\system32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: system32\DRIVERS\secdrv.sys (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows Firewall (WF) / Internet-verbinding delen (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore-service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
    Webroot Spy Sweeper Engine: C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe (autostart)
    Thema's: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
    Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Windows Defender Service: "C:\Program Files\Windows Defender\MsMpEng.exe" (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Automatische updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration-service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    ————————————————–

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll

    ————————————————–
    End of report, 15.298 bytes
    Report generated in 0,141 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.