Vraag & Antwoord

Beveiliging & privacy

problemen

10 antwoorden
  • hai, mijn pc vertoond vreemde kuren: mijn bureaubladachtergrond verschijnt direct na het opstarten maar zodra alle pictogrammen te zien zij is het bureaublad ineens grijs, mijn toetsenbord valt uit, evenals mijn muis. verdachte dingen nietwaar? iemand enig idee hoe dit kan komen? onlangs geinstalleerde programma's zijn live messenger en google earth.. verder geen gekke dingen gedaan, en alle scanners (mcafee, adaware, defender) vinden niets.. bvd dennis!
  • dat kan verschillende oorzaak hebben, met een HJT logje zie ik meer. wil je die hier downloaden en hier een hijackthislogje plaatsen aub. J :wink:
  • tuurlijk komt 'ie! Logfile of HijackThis v1.99.1 Scan saved at 18:54:19, on 9-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\MEDIAK~1\MagicKey.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\PROGRA~1\MEDIAK~1\OSD.exe C:\Program Files\bluetooth\BlueSoleil.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\bluetooth\BTNtService.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 3 voor hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108w.bay108.mail.live.com/mail/resources/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\bluetooth\BTNtService.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • ondanks ik niks bijzonders zie wil ik je deze scanner aanbieden. Download en installeer [url=http://www.ewido.net/en/download/][b:0f52557194]AVG Anti-Spyware[/b:0f52557194][/url].[list:0f52557194] Na de installatie, open AVG Anti-Spyware: * onder "[b:0f52557194]Status[/b:0f52557194]", klik op [b:0f52557194]Change state[/b:0f52557194] naast "Resident shield". (wijzig van active naar [b:0f52557194]inactive[/b:0f52557194]!) * onder "[b:0f52557194]Update[/b:0f52557194]", klik op de [b:0f52557194]Start update[/b:0f52557194] knop. * onder "[b:0f52557194]Scanner[/b:0f52557194]", tab "Settings":[list:0f52557194]- onder "How to act?", klik op "[u:0f52557194]Recommended actions[/u:0f52557194]" en selecteer [b:0f52557194]Quarantine[/b:0f52557194]. ([b:0f52557194]ZEER BELANGRIJK![/b:0f52557194]) * onder "Reports", selecteer [b:0f52557194]Automatically generate report after every scan[/b:0f52557194] en [u:0f52557194]verwijder[/u:0f52557194] het vinkje bij [b:0f52557194]Only if threats were found[/b:0f52557194][/list:u:0f52557194] Sluit AVG Anti-Spyware. Laat het [b:0f52557194]nog niet[/b:0f52557194] scannen.[/list:u:0f52557194] Start op in [url=http://www.hijackthis.nl/veiligemodus.html]veilige modus[/url] Start [b:0f52557194]AVG Anti-Spyware[/b:0f52557194].[list:0f52557194]* Klik op [b:0f52557194]Scan[/b:0f52557194] en kies [b:0f52557194]Complete System Scan[/b:0f52557194]. Na de scan; volg onderstaande instructies : [color=blue:0f52557194]BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt ![/color:0f52557194] * Draag er zorg voor dat [b:0f52557194]Set all elements to[/b:0f52557194]: op [b:0f52557194]Quarantine[/b:0f52557194] staat [color=blue:0f52557194](1)[/color:0f52557194], zoniet klik op de link en kies [b:0f52557194]Quarantine[/b:0f52557194] in de popup menu.[color=blue:0f52557194] (2)[/color:0f52557194] (Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !) * Onderaan het venster klik op de [b:0f52557194]Apply all Actions[/b:0f52557194] knop. [color=blue:0f52557194](3)[/color:0f52557194] [img:0f52557194]http://home.scarlet.be/~topalex/ewidoscan.jpg[/img:0f52557194] * Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop [b:0f52557194]Save Report[/b:0f52557194]. * Klik in het menu bovenaan op [b:0f52557194]Reports[/b:0f52557194]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.[/list:u:0f52557194] succes J :wink:
  • komt ie: --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 20:36:38 9-11-2006 + Scan result: :mozilla.98:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.99:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.204:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Addcontrol : Cleaned. :mozilla.239:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.240:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.241:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.23:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.24:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.25:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.26:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.27:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.28:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.29:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.10:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.11:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.12:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.6:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.7:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.8:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. C:\Program Files\Spy Cleaner Gold\Backup\09_11_200502_57_25.zip/4.scl -> TrackingCookie.Onestat : Cleaned. C:\Program Files\Spy Cleaner Gold\Backup\09_15_200523_52_43.zip/10.scl -> TrackingCookie.Onestat : Cleaned. C:\Documents and Settings\dennis en patrice\Cookies\dennis en patrice@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Cleaned. :mozilla.194:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.195:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.196:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.197:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.198:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.170:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.182:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.186:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.190:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.223:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.229:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.256:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.41:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.59:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.60:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.87:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.89:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.101:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.102:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. C:\Program Files\Spy Cleaner Gold\Backup\09_15_200523_52_43.zip/17.scl -> TrackingCookie.Statcounter : Cleaned. :mozilla.168:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.169:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. ::Report end
  • nog steeds niks bijzonders :-? Nieuw HJT logje aub.
  • komt ie: Logfile of HijackThis v1.99.1 Scan saved at 0:52:02, on 11-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\bluetooth\BTNtService.exe C:\PROGRA~1\MEDIAK~1\MagicKey.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\MEDIAK~1\OSD.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE c:\program files\mcafee.com\agent\mcdetect.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\bluetooth\BlueSoleil.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 4 voor hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108w.bay108.mail.live.com/mail/resources/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\bluetooth\BTNtService.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • moet ik dit eigenlijk niet ook in veilige modus doen trouwens?
  • wat in veilige modus een HJT logje maken, nee juist niet. Wil je eerst eens een HijackThis- StartupList logje plaatsen. Hierin is veel duidelijker te zien wat er allemaal wordt opgestart: - Open [b:fe054e0549]HijackThis[/b:fe054e0549] - Klik op [b:fe054e0549]"Config"[/b:fe054e0549] - Klik op [b:fe054e0549]"Misc Tools"[/b:fe054e0549] - Zet een vinkje in [b:fe054e0549]"List also minor sections (full)"[/b:fe054e0549] - Klik op [b:fe054e0549]"Generate StartupList log"[/b:fe054e0549] - Klik op [b:fe054e0549]"Ja"[/b:fe054e0549] om de log te maken [i:fe054e0549]Het StartupList log wordt nu weergegeven in je kladblok.[/i:fe054e0549] - Druk (op je toetsenbord) achtereenvolgens op [b:fe054e0549]ctrl+a[/b:fe054e0549] en [b:fe054e0549]ctrl+c[/b:fe054e0549] om de gehele tekst te selecteren en te kopieren. - Plaats het log hier dmv de toetsen [b:fe054e0549]ctrl+v[/b:fe054e0549] (plakken) bvd J 8)
  • StartupList report, 12-11-2006, 11:23:23 StartupList version: 1.52.2 Started from : C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 5 voor hijackthis.zip\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\bluetooth\BTNtService.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\MEDIAK~1\MagicKey.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\MEDIAK~1\OSD.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\bluetooth\BlueSoleil.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 5 voor hijackthis.zip\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\dennis en patrice\Menu Start\Programma's\Opstarten] Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten] BlueSoleil.lnk = ? Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run PCMService = "C:\Program Files\Dell\Media Experience\PCMService.exe" Dell Photo AIO Printer 922 = "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent LVCOMSX = C:\WINDOWS\system32\LVCOMSX.EXE HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe igfxtray = C:\WINDOWS\system32\igfxtray.exe igfxhkcmd = C:\WINDOWS\system32\hkcmd.exe igfxpers = C:\WINDOWS\system32\igfxpers.exe SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe SunJavaUpdateSched = "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe MCUpdateExe = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe MPFExe = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe VSOCheckTask = "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask VirusScan Online = C:\Program Files\McAfee.com\VSO\mcvsshld.exe OASClnt = C:\Program Files\McAfee.com\VSO\oasclnt.exe Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide MagicKey = C:\PROGRA~1\MEDIAK~1\MagicKey.exe PCSuiteTrayApplication = C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background Spyware Doctor = "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q PcSync = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\SSTEXT3D.SCR drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -------------------------------------------------- Enumerating Task Scheduler jobs: MP Scheduled Scan.job -------------------------------------------------- Enumerating Download Program Files: [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab [Shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [ewidoOnlineScan Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL CODEBASE = http://download.ewido.net/ewidoOnlineScan.cab [Minesweeper Flags Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\minesweeper.dll CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab [Office Update Installation Engine] InProcServer32 = C:\WINDOWS\opuc.dll CODEBASE = http://office.microsoft.com/officeupdate/content/opuc2.cab [MSN Photo Upload Tool] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll CODEBASE = http://by108w.bay108.mail.live.com/mail/resources/MsnPUpld.cab [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab [MsnMessengerSetupDownloadControl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx CODEBASE = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab [ZoneIntro Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx CODEBASE = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab [Virtools WebPlayer Class] InProcServer32 = C:\Program Files\Virtools Web Player 3.0\WebPlayer.ocx CODEBASE = http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Solitaire Showdown Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll CODEBASE = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #4: C:\WINDOWS\system32\wshbth.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) BlueSoleil Hid Service: C:\Program Files\bluetooth\BTNtService.exe (autostart) Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart) Services voor cryptografie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Service voor het rapporteren van fouten: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Event Log: %SystemRoot%\system32\services.exe (autostart) Fax: %systemroot%\system32\fxssvc.exe (autostart) Help en ondersteuning: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) McAfee WSC Integration: c:\program files\mcafee.com\agent\mcdetect.exe (autostart) McAfee.com McShield: c:\PROGRA~1\mcafee.com\vso\mcshield.exe (autostart) McAfee Task Scheduler: c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (autostart) McAfee Personal Firewall Service: C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (autostart) Plug and Play: %SystemRoot%\system32\services.exe (autostart) IPSEC-services: %SystemRoot%\system32\lsass.exe (autostart) Protected Storage: %SystemRoot%\system32\lsass.exe (autostart) Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart) Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (autostart) Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows Firewall (WF) / Internet-verbinding delen (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart) System Restore-service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) Webroot Spy Sweeper Engine: C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe (autostart) Thema's: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Windows Defender Service: "C:\Program Files\Windows Defender\MsMpEng.exe" (autostart) Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Automatische updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Wireless Zero Configuration-service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll -------------------------------------------------- End of report, 15.298 bytes Report generated in 0,141 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.