Vraag & Antwoord

Beveiliging & privacy

msn hijackthis

8 antwoorden
  • Maat van me zich ook door msn-virus laten vangen. Klikte ergens op en verstuurt nu zelf te pas en te onpas spam. Heb hem beloofd dat ik hulp kon vinden. Logfile of HijackThis v1.99.1 Scan saved at 21:32:44, on 27/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\program files\seekmo\seekmo.exe C:\Documents and Settings\Melis\Bureaublad\winstall.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\YMBOLS~1\javaw.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Wireless LAN Utility\SiWake.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Xfire\Xfire.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\msrr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\{08EB1559-07CB-1043-0110-030218040020}\Update.exe C:\Documents and Settings\Melis\Mijn documenten\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Seekmo Search Assistant Helper /fleok=1D8A83A5C7E5177E9EA4612A1FBB39BFE4976E26CAEDDA7E587C4F213BC3CA - {5929CD6E-2062-44a4-B2C5-2C7E78FBAB38} - c:\program files\seekmo\seekmohook.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38EB1~2\888Bar.dll O2 - BHO: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38EB1~2\888Bar.dll O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe" O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\Melis\Bureaublad\winstall.exe O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Oese] "C:\WINDOWS\system32\YMBOLS~1\javaw.exe" -vt yazb O4 - HKCU\..\Run: [Lmfv] C:\Documents and Settings\Melis\Application Data\F?nts\?hkntfs.exe O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?f97eab37279847f4afa33f3140009ce8 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?f97eab37279847f4afa33f3140009ce8 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://frette10.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156780652433 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: bw+0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe Alvast bedankt, Guft. ;)
  • Deïnstalleer eerst MSN eens, deze bevat een worm en die kan voor herinfectie zorgen. Download [url=http://www.downloads.subratam.org/KillBox.exe]Killbox[/url].([url=http://www.atribune.org/downloads/KillBox.exe]alternatieve download[/url]) Klik op killbox.exe. Kies de optie: "[b:8dcfb6bd23]Delete on reboot[/b:8dcfb6bd23]". [b:8dcfb6bd23]Kopieer[/b:8dcfb6bd23] het volgende vetgedrukt deel: [b:8dcfb6bd23]C:\Program Files\Common Files\{08EB1559-07CB-1043-0110-030218040020}\Update.exe c:\program files\seekmo\seekmohook.dll C:\WINDOWS\system32\lnq.dll C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll C:\PROGRA~1\COMMON~1\{38EB1~2\888Bar.dll c:\program files\seekmo\seekmo.exe" C:\Documents and Settings\Melis\Bureaublad\winstall.exe C:\Program Files\ipwins\ipwins.exe[/b:8dcfb6bd23] Open [b:8dcfb6bd23]'file'[/b:8dcfb6bd23] in het killboxmenu bovenaan en kies: [b:8dcfb6bd23]Paste from clipboard[/b:8dcfb6bd23] Je zal zien, het bovenstaande vetgedrukte zal staan in het "Full Path of File to Delete"-veld. Er is een klein pijltje naast dat veld. Als je daarop klikt zal je al die bovenstaande lijntjes (indien bestanden aanwezig) die je gekopieerd hebt zien staan (dit is alvast de bedoeling) Klik op de knop: [b:8dcfb6bd23]All files[/b:8dcfb6bd23] (!Belangrijk!) Daarna, Klik op de rode cirkel met het wit kruisje erin. Killbox zal zeggen dat deze file zal verwijderd worden on reboot.. vraagt om nu te rebooten. Klik YES. Je pc moet nu rebooten. Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:8dcfb6bd23]Combofix[/b:8dcfb6bd23][/url] naar je Bureaublad. Dubbelklik [b:8dcfb6bd23]Combofix.exe[/b:8dcfb6bd23] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:8dcfb6bd23]NIET[/b:8dcfb6bd23] in het venster klikken, want dit zal je pc doen vasthangen. Wanneer de fix voltooid is en na herstart, zal de log [b:8dcfb6bd23]combofix.txt[/b:8dcfb6bd23] openen. Plaats deze log in je volgende post tesamen met een nieuw logje van Hijackthis. NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • Melis - 06-11-28 21:05:47,03 Service Pack 2 ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Melis\Bureaublad" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files\Common Files\Yazzle1122OinAdmin.exe C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe C:\Program Files\Inetget2 C:\Program Files\Ipwins C:\Program Files\Common Files\{08EB1559-07CB-1043-0110-030218040020} C:\Program Files\Common Files\{38EB1559-07CA-1043-0110-030218040020} C:\Program Files\Common Files\{38EB1559-07CB-1043-0110-030218040020} C:\Program Files\Common Files\{08EB1559-07CA-1043-0110-030218040020} ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Folders Quarantined: C:\QooBox\Purity\Documents and Settings\Melis\Application Data\FNTS~1 C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1 C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1\javaw.exe C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1\?ymbols ((((((((((((((((((((((((((((((( Files Created from 2006-10-28 to 2006-11-28 )))))))))))))))))))))))))))))))))) 2006-11-28 20:14 <DIR> d-------- C:\!KillBox 2006-11-27 16:31 2 --a------ C:\WINDOWS\system32\wcpsvit.exe 2006-11-27 12:22 <DIR> d--h----- C:\WINDOWS\PIF 2006-11-25 00:43 <DIR> d-------- C:\Program Files\Seekmo Programs 2006-11-25 00:42 <DIR> d-------- C:\Program Files\Seekmo 2006-11-21 17:51 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2006-11-21 17:51 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2006-11-21 17:51 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2006-11-21 17:51 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2006-11-21 17:51 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2006-11-21 17:51 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2006-11-21 17:51 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2006-11-21 17:51 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2006-11-16 15:51 <DIR> d-------- C:\Program Files\LucasArts 2006-11-15 12:10 467,163,904 --a------ C:\WoW-1.11.0-enGB-patch.exe 2006-11-15 10:02 <DIR> d-------- C:\Program Files\MSXML 4.0 2006-11-15 10:00 <DIR> d-------- C:\World of Warcraft private (3) 2006-11-14 19:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2006-11-13 21:20 <DIR> d-------- C:\Program Files\WinRAR 2006-11-13 20:34 <DIR> d-------- C:\World of Warcraft private(2) 2006-11-12 23:04 <DIR> d-------- C:\Program Files\SymNetDrv 2006-11-12 13:20 <DIR> d-------- C:\Program Files\Norton Internet Security 2006-11-12 13:19 91,904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2006-11-12 13:19 124,016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2006-11-12 13:19 <DIR> d-------- C:\Program Files\Symantec 2006-11-12 13:19 <DIR> d-------- C:\Documents and Settings\Melis\Application Data\Symantec 2006-11-12 13:18 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared 2006-11-12 13:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec 2006-11-12 13:03 <DIR> d-------- C:\Program Files\Guild Wars 2006-11-11 23:56 255,146,254 --a------ C:\WoW-1.8.0-enGB-patch.exe 2006-11-11 23:47 <DIR> d-------- C:\World of Warcraft private 2006-11-11 21:22 <DIR> d-------- C:\World of Warcraft 2006-11-11 17:23 <DIR> d-------- C:\Program Files\Core Design 2006-11-11 12:18 74,112 --------- C:\WINDOWS\system32\drivers\sisnpf.sys 2006-11-11 12:18 49,152 --a------ C:\WINDOWS\system32\SiSWBase.dll 2006-11-11 12:18 237,568 --a------ C:\WINDOWS\system32\SiSWPars.dll 2006-11-11 12:18 155,648 --a------ C:\WINDOWS\system32\SiSWInst.dll 2006-11-11 12:18 <DIR> d-------- C:\Program Files\SiS162u 2006-11-08 18:04 36,864 --a------ C:\WINDOWS\system32\unwlsdrv.exe 2006-11-08 18:04 155,648 --a------ C:\WINDOWS\system32\drivers\sis162u.sys 2006-11-08 18:04 <DIR> d-------- C:\Program Files\Wireless LAN Utility 2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-11-28 21:07 -------- d-------- C:\Program Files\Common Files 2006-11-28 21:04 -------- d-------- C:\Program Files\Mozilla Firefox 2006-11-28 21:04 -------- d-------- C:\Documents and Settings\Melis\Application Data\Skype 2006-11-28 21:02 -------- d-------- C:\Documents and Settings\Melis\Application Data\Xfire 2006-11-27 17:40 -------- d---s---- C:\Program Files\Xfire 2006-11-26 21:51 -------- d---s---- C:\Documents and Settings\Melis\Application Data\Microsoft 2006-11-26 18:17 -------- d-------- C:\Program Files\MSN Messenger 2006-11-25 01:20 -------- d-------- C:\Program Files\Java 2006-11-16 15:51 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-11-15 10:00 -------- d-------- C:\Program Files\Internet Explorer 2006-11-12 11:14 -------- d-------- C:\Program Files\Common Files\Blizzard Entertainment 2006-11-11 18:30 -------- d-------- C:\Program Files\Common Files\Adobe 2006-11-09 21:00 -------- d-------- C:\Program Files\NovaLogic 2006-11-08 18:28 -------- d-------- C:\Program Files\Windows Live Toolbar 2006-10-30 09:01 -------- d-------- C:\Program Files\Diablo II 2006-10-30 09:00 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll 2006-10-19 16:41 -------- d-------- C:\Program Files\Return to Castle Wolfenstein - Game of The Year Edition 2006-10-16 14:47 21840 --a------ C:\WINDOWS\system32\SIntfNT.dll 2006-10-16 14:47 17212 --a------ C:\WINDOWS\system32\SIntf32.dll 2006-10-16 14:47 12067 --a------ C:\WINDOWS\system32\SIntf16.dll 2006-10-16 11:25 94208 --a------ C:\WINDOWS\DIIUnin.exe 2006-10-16 11:25 2829 --a------ C:\WINDOWS\DIIUnin.pif 2006-10-15 14:36 -------- d-------- C:\Program Files\Ubi Soft 2006-10-15 14:31 -------- d-------- C:\Program Files\MSIDVD 2006-10-15 14:31 -------- d-------- C:\Program Files\CyberLink 2006-10-15 14:26 -------- d-------- C:\Documents and Settings\Melis\Application Data\dvdcss 2006-10-15 14:20 -------- d-------- C:\Program Files\Common Files\InstallShield 2006-10-14 22:21 -------- d-------- C:\Program Files\Call of Duty 2006-10-13 13:41 144384 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-09-13 06:07 1084416 --a------ C:\WINDOWS\system32\msxml3.dll 2006-09-08 16:03 118784 -r------- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe 2006-09-01 11:23 81920 -r------- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe 2006-08-28 16:57 62 --ahs---- C:\Documents and Settings\Melis\Application Data\desktop.ini 2006-08-28 16:55 24064 --a------ C:\WINDOWS\system32\IntelNic.dll 2006-08-28 16:55 12288 --a------ C:\WINDOWS\system32\e100bmsg.dll 2006-08-28 16:55 118784 --a------ C:\WINDOWS\system32\Prounstl.exe 2006-08-28 15:13 0 -rahs---- C:\MSDOS.SYS 2006-08-28 15:13 0 -rahs---- C:\IO.SYS 2006-08-28 15:13 0 --a------ C:\CONFIG.SYS 2006-08-28 15:13 0 --a------ C:\AUTOEXEC.BAT (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "Oese"="\"C:\\WINDOWS\\system32\\YMBOLS~1\\javaw.exe\" -vt yazb" "Lmfv"="C:\\Documents and Settings\\Melis\\Application Data\\F?nts\\?hkntfs.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "EnvyHFCPL"="C:\\Program Files\\Audio Deck\\EnMixCPL.exe" "CTHelper"="CTHELPER.EXE" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe" "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"" "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer" "seekmo"="\"c:\\program files\\seekmo\\seekmo.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Mijn huidige introductiepagina" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Controleren op updates voor Windows Live Toolbar.job C:\WINDOWS\tasks\Norton AntiVirus - Mijn computer scannen - Melis.job Completion time: 06-11-28 21:08:19.73 C:\ComboFix.txt ... 06-11-28 21:08 Logfile of HijackThis v1.99.1 Scan saved at 21:41:10, on 28/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\program files\seekmo\seekmo.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Wireless LAN Utility\SiWake.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\Melis\Mijn documenten\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing) R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) O2 - BHO: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing) O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Oese] "C:\WINDOWS\system32\YMBOLS~1\javaw.exe" -vt yazb O4 - HKCU\..\Run: [Lmfv] C:\Documents and Settings\Melis\Application Data\F?nts\?hkntfs.exe O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?f97eab37279847f4afa33f3140009ce8 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?f97eab37279847f4afa33f3140009ce8 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://frette10.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156780652433 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: bw+0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
  • Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels: [b:54f95d438a]R3 - URLSearchHook: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing) R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) O2 - BHO: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing) O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing) O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe" O4 - HKCU\..\Run: [Oese] "C:\WINDOWS\system32\YMBOLS~1\javaw.exe" -vt yazb O4 - HKCU\..\Run: [Lmfv] C:\Documents and Settings\Melis\Application Data\F?nts\?hkntfs.exe O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll [/b:54f95d438a] Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af. Download [url=http://www.atribune.org/ccount/click.php?id=1]ATF cleaner[/url] (gemaakt door Atribune) Dubbelklik op ATF cleaner om het programma te starten. Op het tabblad "Main", plaats je een vinkje bij [b:54f95d438a]Select All[/b:54f95d438a]. Klik op de knop [b:54f95d438a]Empty Selected[/b:54f95d438a]. Gebruik je ook Firefox als browser: Klik op tabblad "Firefox", plaats een vinkje bij [b:54f95d438a]Select All[/b:54f95d438a]. Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". (dit haalt het vinkje weer weg bij "Firefox saved passwords") Klik op de knop [b:54f95d438a]Empty Selected[/b:54f95d438a]. Gebruik je ook Opera als browser: Klik op tabblad "Opera", plaats een vinkje bij [b:54f95d438a]Select All[/b:54f95d438a]. Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". Klik op de knop [b:54f95d438a]Empty Selected[/b:54f95d438a]. Ga naar het tabblad "Main" en klik op de knop [b:54f95d438a]Exit[/b:54f95d438a] om het programma af te sluiten Download en installeer [url=http://www.ewido.net/en/download/][color=blue:54f95d438a][b:54f95d438a]AVG Anti-Spyware[/b:54f95d438a][/color:54f95d438a][/url]. Na de installatie, open je AVG Anti-Spyware: Bij "[b:54f95d438a]Status[/b:54f95d438a]", klik op [b:54f95d438a]Change state[/b:54f95d438a] naast "Resident shield". (wijzig van active naar [b:54f95d438a]inactive[/b:54f95d438a]!) Bij "[b:54f95d438a]Update[/b:54f95d438a]", klik op de [b:54f95d438a]Start update[/b:54f95d438a] knop. Onder "[b:54f95d438a]Scanner[/b:54f95d438a]", tab "Settings": Onder "How to act?", klik op "[u:54f95d438a]Recommended actions[/u:54f95d438a]" en selecteer [b:54f95d438a]Quarantine[/b:54f95d438a]. ([b:54f95d438a]ZEER BELANGRIJK![/b:54f95d438a]) Bij "Reports", selecteer [b:54f95d438a]Automatically generate report after every scan[/b:54f95d438a] en [u:54f95d438a]verwijder[/u:54f95d438a] het vinkje bij [b:54f95d438a]Only if threats were found[/b:54f95d438a]. Klik op [b:54f95d438a]Scan[/b:54f95d438a] en kies [b:54f95d438a]Complete System Scan[/b:54f95d438a]. Na afloop van de scan, klik je op [b:54f95d438a]Apply All Actions[/b:54f95d438a]. Wanneer je de melding krijgt "All actions have been applied", klik je onderaan op de knop [b:54f95d438a]Save Report[/b:54f95d438a]. Klik in het menu bovenaan op [b:54f95d438a]Reports[/b:54f95d438a]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht. Post ook een nieuw logje van HijackThis ;)
  • --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 22:41:26 30/11/2006 + Scan result: C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP69\A0012566.exe -> Adware.180Solutions : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller -> Adware.180Solutions : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller.1 -> Adware.180Solutions : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CLSID -> Adware.180Solutions : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CurVer -> Adware.180Solutions : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014026.exe -> Adware.ClickSpring : Cleaned with backup (quarantined). HKU\S-1-5-21-789336058-343818398-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined). C:\!KillBox\ipwins.exe -> Adware.Maxifiles : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014010.exe -> Adware.Maxifiles : Cleaned with backup (quarantined). C:\!KillBox\lnq.dll -> Adware.PurityScan : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012769.exe -> Adware.PurityScan : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012775.exe -> Adware.PurityScan : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012801.exe -> Adware.PurityScan : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014006.dll -> Adware.PurityScan : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014009.exe -> Adware.PurityScan : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP73\A0014208.exe -> Adware.PurityScan : Cleaned with backup (quarantined). C:\!KillBox\Update.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012762.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012763.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012764.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012765.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012766.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012767.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012771.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012772.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012773.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012774.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012798.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012799.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013788.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013789.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013790.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013791.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013792.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013793.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013794.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013795.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013878.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013879.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013880.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013881.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013898.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013899.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013900.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013901.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013911.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013912.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013913.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013914.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014004.exe -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014029.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014034.dll -> Adware.Softomate : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014035.exe -> Adware.Softomate : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent -> Adware.Zango : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent.1 -> Adware.Zango : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CLSID -> Adware.Zango : Cleaned with backup (quarantined). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CurVer -> Adware.Zango : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012761.pif -> Backdoor.Agent.aim : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014099.exe -> Backdoor.Agent.aim : Cleaned with backup (quarantined). C:\Documents and Settings\Melis\Bureaublad\mcnew.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012770.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012800.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013796.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013860.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined). C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1\javaw.exe -> Downloader.PurityScan.dr : Cleaned with backup (quarantined). C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014025.exe -> Dropper.Small : Cleaned with backup (quarantined). C:\Documents and Settings\Melis\Mijn documenten\backups\backup-20061130-214614-330.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined). :mozilla.629:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.33:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.34:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.35:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.558:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.592:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.108:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.109:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.639:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.640:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.643:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.644:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.218:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.224:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.225:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.227:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.229:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.230:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.438:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.439:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.142:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.143:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.144:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.145:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.146:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.138:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.299:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.226:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.228:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.73:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.614:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.615:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.384:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.683:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned. :mozilla.90:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.516:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.221:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.222:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.357:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.485:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.95:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.130:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.131:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.132:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.463:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.464:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.509:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.605:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.451:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned. :mozilla.368:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.597:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.598:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.217:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.660:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.661:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.662:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.663:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.472:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.473:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.72:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.474:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.475:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.476:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.477:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.478:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.479:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.480:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.648:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.649:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.159:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.160:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.654:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.655:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.168:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.169:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.170:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.172:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.453:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Spylog : Cleaned. :mozilla.566:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Starware : Cleaned. :mozilla.567:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Starware : Cleaned. :mozilla.568:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Starware : Cleaned. :mozilla.199:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.200:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.201:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.202:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.203:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.204:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.205:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.206:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.342:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.343:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.180:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned. :mozilla.181:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned. :mozilla.106:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Texttbnru : Cleaned. :mozilla.122:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.123:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.404:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Trafic : Cleaned. :mozilla.124:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.559:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.560:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.616:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.617:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.248:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.250:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.104:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yadro : Cleaned. :mozilla.187:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.188:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.189:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.190:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.191:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.192:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.467:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.468:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.469:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.470:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013927.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\WINDOWS\system32\wcpsvit.exe -> Trojan.Small : Cleaned with backup (quarantined). ::Report end Logfile of HijackThis v1.99.1 Scan saved at 18:24:20, on 2/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Wireless LAN Utility\SiWake.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\Documents and Settings\Melis\Mijn documenten\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?f97eab37279847f4afa33f3140009ce8 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?f97eab37279847f4afa33f3140009ce8 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://frette10.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156780652433 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: bw+0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
  • De volgende mappen mag je nog wel even verwijderen: C:\[b:48c548db2e]!Killbox[/b:48c548db2e]\ C:\[b:48c548db2e]QooBox[/b:48c548db2e]\ Maak dan je prullenbak leeg. Doe ook dit nog even: Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in. [url=http://users.pandora.be/marcvn/spyware/1852808.htm]Kijk hier hoe je je systeemherstel moet uitschakelen[/url]. Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel. Dan zou alles weet ok moeten zijn ;) Groeten smeenk
  • Bedankt voor de hulp weeral. ;)
  • Graag gedaan hoor guft :)

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.