Vraag & Antwoord

Beveiliging & privacy

problemen

Anoniem
chimpie
10 antwoorden
 • hai, mijn pc vertoond vreemde kuren: mijn bureaubladachtergrond verschijnt direct na het opstarten maar zodra alle pictogrammen te zien zij is het bureaublad ineens grijs, mijn toetsenbord valt uit, evenals mijn muis. verdachte dingen nietwaar? iemand enig idee hoe dit kan komen? onlangs geinstalleerde programma's zijn live messenger en google earth.. verder geen gekke dingen gedaan, en alle scanners (mcafee, adaware, defender) vinden niets.. bvd dennis!
 • dat kan verschillende oorzaak hebben, met een HJT logje zie ik meer.

  wil je die hier downloaden en hier een hijackthislogje plaatsen aub.

  J :wink:
 • tuurlijk komt 'ie!


  Logfile of HijackThis v1.99.1
  Scan saved at 18:54:19, on 9-11-2006
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Windows Defender\MsMpEng.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
  C:\WINDOWS\system32\rundll32.exe
  C:\WINDOWS\system32\LVCOMSX.EXE
  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  C:\WINDOWS\system32\hkcmd.exe
  C:\WINDOWS\system32\igfxpers.exe
  C:\Program Files\Analog Devices\Core\smax4pnp.exe
  C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
  C:\Program Files\QuickTime\qttask.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
  C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  C:\Program Files\McAfee.com\VSO\oasclnt.exe
  C:\Program Files\Windows Defender\MSASCui.exe
  C:\PROGRA~1\MEDIAK~1\MagicKey.exe
  C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
  C:\PROGRA~1\MEDIAK~1\OSD.exe
  C:\Program Files\bluetooth\BlueSoleil.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\Program Files\bluetooth\BTNtService.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
  C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
  C:\WINDOWS\system32\igfxsrvc.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 3 voor hijackthis.zip\HijackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
  O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
  O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
  O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
  O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
  O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
  O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
  O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
  O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
  O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
  O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
  O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
  O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
  O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
  O4 - Global Startup: BlueSoleil.lnk = ?
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
  O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108w.bay108.mail.live.com/mail/resources/MsnPUpld.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
  O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
  O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
  O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
  O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\bluetooth\BTNtService.exe
  O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
  O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
 • ondanks ik niks bijzonders zie wil ik je deze scanner aanbieden.

  Download en installeer [b:0f52557194]AVG Anti-Spyware[/b:0f52557194].[list:0f52557194]
  Na de installatie, open AVG Anti-Spyware:
  * onder "[b:0f52557194]Status[/b:0f52557194]", klik op [b:0f52557194]Change state[/b:0f52557194] naast "Resident shield". (wijzig van active naar [b:0f52557194]inactive[/b:0f52557194]!)
  * onder "[b:0f52557194]Update[/b:0f52557194]", klik op de [b:0f52557194]Start update[/b:0f52557194] knop.
  * onder "[b:0f52557194]Scanner[/b:0f52557194]", tab "Settings":[list:0f52557194]- onder "How to act?", klik op "[u:0f52557194]Recommended actions[/u:0f52557194]" en selecteer [b:0f52557194]Quarantine[/b:0f52557194]. ([b:0f52557194]ZEER BELANGRIJK![/b:0f52557194])
  * onder "Reports", selecteer [b:0f52557194]Automatically generate report after every scan[/b:0f52557194] en [u:0f52557194]verwijder[/u:0f52557194] het vinkje bij [b:0f52557194]Only if threats were found[/b:0f52557194][/list:u:0f52557194]
  Sluit AVG Anti-Spyware. Laat het [b:0f52557194]nog niet[/b:0f52557194] scannen.[/list:u:0f52557194]

  Start op in veilige modus

  Start [b:0f52557194]AVG Anti-Spyware[/b:0f52557194].[list:0f52557194]* Klik op [b:0f52557194]Scan[/b:0f52557194] en kies [b:0f52557194]Complete System Scan[/b:0f52557194].
  Na de scan; volg onderstaande instructies :
 • komt ie:

  ———————————————————
  AVG Anti-Spyware - Scan Report
  ———————————————————

  + Created at: 20:36:38 9-11-2006

  + Scan result:  :mozilla.98:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
  :mozilla.99:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
  :mozilla.204:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Addcontrol : Cleaned.
  :mozilla.239:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
  :mozilla.240:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
  :mozilla.241:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
  :mozilla.23:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.24:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.25:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.26:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.27:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.28:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.29:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
  :mozilla.10:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
  :mozilla.11:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
  :mozilla.12:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
  :mozilla.6:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
  :mozilla.7:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
  :mozilla.8:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
  C:\Program Files\Spy Cleaner Gold\Backup\09_11_200502_57_25.zip/4.scl -> TrackingCookie.Onestat : Cleaned.
  C:\Program Files\Spy Cleaner Gold\Backup\09_15_200523_52_43.zip/10.scl -> TrackingCookie.Onestat : Cleaned.
  C:\Documents and Settings\dennis en patrice\Cookies\dennis en patrice@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Cleaned.
  :mozilla.194:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
  :mozilla.195:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
  :mozilla.196:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
  :mozilla.197:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
  :mozilla.198:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
  :mozilla.170:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.182:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.186:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.190:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.223:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.229:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.256:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.41:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.59:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.60:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.87:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.89:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
  :mozilla.101:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
  :mozilla.102:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
  C:\Program Files\Spy Cleaner Gold\Backup\09_15_200523_52_43.zip/17.scl -> TrackingCookie.Statcounter : Cleaned.
  :mozilla.168:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
  :mozilla.169:C:\Documents and Settings\dennis en patrice\Application Data\Mozilla\Firefox\Profiles\6vz9svo8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


  ::Report end
 • nog steeds niks bijzonders :-?

  Nieuw HJT logje aub.
 • komt ie:

  Logfile of HijackThis v1.99.1
  Scan saved at 0:52:02, on 11-11-2006
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Windows Defender\MsMpEng.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
  C:\WINDOWS\system32\rundll32.exe
  C:\WINDOWS\system32\LVCOMSX.EXE
  C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  C:\WINDOWS\system32\hkcmd.exe
  C:\WINDOWS\system32\igfxpers.exe
  C:\Program Files\Analog Devices\Core\smax4pnp.exe
  C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
  C:\Program Files\QuickTime\qttask.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
  C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  C:\Program Files\McAfee.com\VSO\oasclnt.exe
  C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
  C:\Program Files\Windows Defender\MSASCui.exe
  C:\Program Files\bluetooth\BTNtService.exe
  C:\PROGRA~1\MEDIAK~1\MagicKey.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\PROGRA~1\MEDIAK~1\OSD.exe
  C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
  c:\program files\mcafee.com\agent\mcdetect.exe
  C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
  C:\Program Files\bluetooth\BlueSoleil.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 4 voor hijackthis.zip\HijackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
  O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
  O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
  O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
  O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
  O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
  O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
  O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
  O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
  O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
  O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
  O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
  O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
  O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
  O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
  O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
  O4 - Global Startup: BlueSoleil.lnk = ?
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
  O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
  O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108w.bay108.mail.live.com/mail/resources/MsnPUpld.cab
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
  O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
  O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
  O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
  O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
  O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
  O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\bluetooth\BTNtService.exe
  O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
  O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
 • moet ik dit eigenlijk niet ook in veilige modus doen trouwens?
 • wat in veilige modus een HJT logje maken, nee juist niet.  Wil je eerst eens een HijackThis- StartupList logje plaatsen.
  Hierin is veel duidelijker te zien wat er allemaal wordt opgestart:

  - Open [b:fe054e0549]HijackThis[/b:fe054e0549]

  - Klik op [b:fe054e0549]"Config"[/b:fe054e0549]

  - Klik op [b:fe054e0549]"Misc Tools"[/b:fe054e0549]

  - Zet een vinkje in [b:fe054e0549]"List also minor sections (full)"[/b:fe054e0549]

  - Klik op [b:fe054e0549]"Generate StartupList log"[/b:fe054e0549]

  - Klik op [b:fe054e0549]"Ja"[/b:fe054e0549] om de log te maken

  [i:fe054e0549]Het StartupList log wordt nu weergegeven in je kladblok.[/i:fe054e0549]

  - Druk (op je toetsenbord) achtereenvolgens op [b:fe054e0549]ctrl+a[/b:fe054e0549] en [b:fe054e0549]ctrl+c[/b:fe054e0549] om de gehele tekst te selecteren en te kopieren.

  - Plaats het log hier dmv de toetsen [b:fe054e0549]ctrl+v[/b:fe054e0549] (plakken)

  bvd J

  8)
 • StartupList report, 12-11-2006, 11:23:23
  StartupList version: 1.52.2
  Started from : C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 5 voor hijackthis.zip\HijackThis.EXE
  Detected: Windows XP SP2 (WinNT 5.01.2600)
  Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  * Using default options
  * Showing rarely important sections
  ==================================================

  Running processes:

  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Windows Defender\MsMpEng.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
  C:\Program Files\bluetooth\BTNtService.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
  C:\WINDOWS\system32\rundll32.exe
  C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
  C:\WINDOWS\system32\LVCOMSX.EXE
  C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  C:\WINDOWS\system32\hkcmd.exe
  C:\WINDOWS\system32\igfxpers.exe
  C:\Program Files\Analog Devices\Core\smax4pnp.exe
  C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
  C:\Program Files\QuickTime\qttask.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
  C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  C:\Program Files\McAfee.com\VSO\oasclnt.exe
  C:\Program Files\Windows Defender\MSASCui.exe
  C:\PROGRA~1\MEDIAK~1\MagicKey.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\PROGRA~1\MEDIAK~1\OSD.exe
  C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
  C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
  C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
  C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
  C:\Program Files\bluetooth\BlueSoleil.exe
  C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
  C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\DOCUME~1\DENNIS~1\LOCALS~1\Temp\Tijdelijke map 5 voor hijackthis.zip\HijackThis.exe

  ————————————————–

  Listing of startup folders:

  Shell folders Startup:
  [C:\Documents and Settings\dennis en patrice\Menu Start\Programma's\Opstarten]
  Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe

  Shell folders Common Startup:
  [C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
  BlueSoleil.lnk = ?
  Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

  ————————————————–

  Checking Windows NT UserInit:

  [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  UserInit = C:\WINDOWS\system32\userinit.exe,

  ————————————————–

  Autorun entries from Registry:
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run

  PCMService = "C:\Program Files\Dell\Media Experience\PCMService.exe"
  Dell Photo AIO Printer 922 = "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
  BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
  LVCOMSX = C:\WINDOWS\system32\LVCOMSX.EXE
  HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  igfxtray = C:\WINDOWS\system32\igfxtray.exe
  igfxhkcmd = C:\WINDOWS\system32\hkcmd.exe
  igfxpers = C:\WINDOWS\system32\igfxpers.exe
  SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe
  SunJavaUpdateSched = "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
  QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
  MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  MCUpdateExe = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  MPFExe = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
  VSOCheckTask = "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  VirusScan Online = C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  OASClnt = C:\Program Files\McAfee.com\VSO\oasclnt.exe
  Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide
  MagicKey = C:\PROGRA~1\MEDIAK~1\MagicKey.exe
  PCSuiteTrayApplication = C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup

  ————————————————–

  Autorun entries from Registry:
  HKCU\Software\Microsoft\Windows\CurrentVersion\Run

  msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
  Spyware Doctor = "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
  PcSync = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

  ————————————————–

  Enumerating Active Setup stub paths:
  HKLM\Software\Microsoft\Active Setup\Installed Components
  (* = disabled by HKCU twin)

  [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
  StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

  [>{26923b43-4d38-484f-9b9e-de460746276c}] *
  StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

  [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
  StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

  [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
  StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

  [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
  StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

  [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
  StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

  [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
  StubPath = regsvr32.exe /s /n /i:U shell32.dll

  [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
  StubPath = %SystemRoot%\system32\ie4uinit.exe

  [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
  StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

  ————————————————–

  Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

  Shell=*INI section not found*
  SCRNSAVE.EXE=*INI section not found*
  drivers=*INI section not found*

  Shell & screensaver key from Registry:

  Shell=Explorer.exe
  SCRNSAVE.EXE=C:\WINDOWS\system32\SSTEXT3D.SCR
  drivers=*Registry value not found*

  Policies Shell key:

  HKCU\..\Policies: Shell=*Registry value not found*
  HKLM\..\Policies: Shell=*Registry value not found*

  ————————————————–

  Checking for EXPLORER.EXE instances:

  C:\WINDOWS\Explorer.exe: PRESENT!

  C:\Explorer.exe: not present
  C:\WINDOWS\Explorer\Explorer.exe: not present
  C:\WINDOWS\System\Explorer.exe: not present
  C:\WINDOWS\System32\Explorer.exe: not present
  C:\WINDOWS\Command\Explorer.exe: not present
  C:\WINDOWS\Fonts\Explorer.exe: not present

  ————————————————–

  Checking for superhidden extensions:

  .lnk: HIDDEN! (arrow overlay: yes)
  .pif: HIDDEN! (arrow overlay: yes)
  .exe: not hidden
  .com: not hidden
  .bat: not hidden
  .hta: not hidden
  .scr: not hidden
  .shs: HIDDEN!
  .shb: HIDDEN!
  .vbs: not hidden
  .vbe: not hidden
  .wsh: not hidden
  .scf: HIDDEN! (arrow overlay: NO!)
  .url: HIDDEN! (arrow overlay: yes)
  .js: not hidden
  .jse: not hidden

  ————————————————–

  Enumerating Browser Helper Objects:

  (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
  (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
  (no name) - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

  ————————————————–

  Enumerating Task Scheduler jobs:

  MP Scheduled Scan.job

  ————————————————–

  Enumerating Download Program Files:

  [MessengerStatsClient Class]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
  CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

  [Shockwave ActiveX Control]
  InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll
  CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

  [ewidoOnlineScan Control]
  InProcServer32 = C:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL
  CODEBASE = http://download.ewido.net/ewidoOnlineScan.cab

  [Minesweeper Flags Class]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\minesweeper.dll
  CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

  [Office Update Installation Engine]
  InProcServer32 = C:\WINDOWS\opuc.dll
  CODEBASE = http://office.microsoft.com/officeupdate/content/opuc2.cab

  [MSN Photo Upload Tool]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
  CODEBASE = http://by108w.bay108.mail.live.com/mail/resources/MsnPUpld.cab

  [MessengerStatsClient Class]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
  CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

  [MsnMessengerSetupDownloadControl Class]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
  CODEBASE = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

  [ZoneIntro Class]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
  CODEBASE = http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

  [Virtools WebPlayer Class]
  InProcServer32 = C:\Program Files\Virtools Web Player 3.0\WebPlayer.ocx
  CODEBASE = http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe

  [Shockwave Flash Object]
  InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx
  CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

  [Solitaire Showdown Class]
  InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll
  CODEBASE = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

  ————————————————–

  Enumerating Winsock LSP files:

  NameSpace #4: C:\WINDOWS\system32\wshbth.dll

  ————————————————–

  Enumerating Windows NT/2000/XP services

  Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart)
  BlueSoleil Hid Service: C:\Program Files\bluetooth\BTNtService.exe (autostart)
  Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
  Services voor cryptografie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
  DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
  Service voor het rapporteren van fouten: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  Event Log: %SystemRoot%\system32\services.exe (autostart)
  Fax: %systemroot%\system32\fxssvc.exe (autostart)
  Help en ondersteuning: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
  McAfee WSC Integration: c:\program files\mcafee.com\agent\mcdetect.exe (autostart)
  McAfee.com McShield: c:\PROGRA~1\mcafee.com\vso\mcshield.exe (autostart)
  McAfee Task Scheduler: c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (autostart)
  McAfee Personal Firewall Service: C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (autostart)
  Plug and Play: %SystemRoot%\system32\services.exe (autostart)
  IPSEC-services: %SystemRoot%\system32\lsass.exe (autostart)
  Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
  Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
  Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
  Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  Secdrv: system32\DRIVERS\secdrv.sys (autostart)
  Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  Windows Firewall (WF) / Internet-verbinding delen (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
  System Restore-service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
  Webroot Spy Sweeper Engine: C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe (autostart)
  Thema's: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
  Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
  WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
  Windows Defender Service: "C:\Program Files\Windows Defender\MsMpEng.exe" (autostart)
  Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
  Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
  Automatische updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
  Wireless Zero Configuration-service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


  ————————————————–

  Enumerating ShellServiceObjectDelayLoad items:

  PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
  CDBurn: C:\WINDOWS\system32\SHELL32.dll
  WebCheck: C:\WINDOWS\system32\webcheck.dll
  SysTray: C:\WINDOWS\system32\stobject.dll

  ————————————————–
  End of report, 15.298 bytes
  Report generated in 0,141 seconds

  Command line options:
  /verbose - to add additional info on each section
  /complete - to include empty sections and unsuspicious data
  /full - to include several rarely-important sections
  /force9x - to include Win9x-only startups even if running on WinNT
  /forcent - to include WinNT-only startups even if running on Win9x
  /forceall - to include all Win9x and WinNT startups, regardless of platform
  /history - to list version history only

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.