Vraag & Antwoord
msn hijackthis
8 antwoorden
- Maat van me zich ook door msn-virus laten vangen. Klikte ergens op en verstuurt nu zelf te pas en te onpas spam. Heb hem beloofd dat ik hulp kon vinden.
Logfile of HijackThis v1.99.1
Scan saved at 21:32:44, on 27/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\program files\seekmo\seekmo.exe
C:\Documents and Settings\Melis\Bureaublad\winstall.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\YMBOLS~1\javaw.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msrr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\{08EB1559-07CB-1043-0110-030218040020}\Update.exe
C:\Documents and Settings\Melis\Mijn documenten\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Seekmo Search Assistant Helper /fleok=1D8A83A5C7E5177E9EA4612A1FBB39BFE4976E26CAEDDA7E587C4F213BC3CA - {5929CD6E-2062-44a4-B2C5-2C7E78FBAB38} - c:\program files\seekmo\seekmohook.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38EB1~2\888Bar.dll
O2 - BHO: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll
O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38EB1~2\888Bar.dll
O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe"
O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\Melis\Bureaublad\winstall.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Oese] "C:\WINDOWS\system32\YMBOLS~1\javaw.exe" -vt yazb
O4 - HKCU\..\Run: [Lmfv] C:\Documents and Settings\Melis\Application Data\F?nts\?hkntfs.exe
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?f97eab37279847f4afa33f3140009ce8
O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?f97eab37279847f4afa33f3140009ce8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://frette10.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156780652433
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Alvast bedankt,
Guft.
- Deïnstalleer eerst MSN eens, deze bevat een worm en die kan voor herinfectie zorgen.
Download Killbox.(alternatieve download)
Klik op killbox.exe.
Kies de optie: "[b:8dcfb6bd23]Delete on reboot[/b:8dcfb6bd23]".
[b:8dcfb6bd23]Kopieer[/b:8dcfb6bd23] het volgende vetgedrukt deel:
[b:8dcfb6bd23]C:\Program Files\Common Files\{08EB1559-07CB-1043-0110-030218040020}\Update.exe
c:\program files\seekmo\seekmohook.dll
C:\WINDOWS\system32\lnq.dll
C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll
C:\PROGRA~1\COMMON~1\{38EB1~2\888Bar.dll
c:\program files\seekmo\seekmo.exe"
C:\Documents and Settings\Melis\Bureaublad\winstall.exe
C:\Program Files\ipwins\ipwins.exe[/b:8dcfb6bd23]
Open [b:8dcfb6bd23]'file'[/b:8dcfb6bd23] in het killboxmenu bovenaan en kies: [b:8dcfb6bd23]Paste from clipboard[/b:8dcfb6bd23]
Je zal zien, het bovenstaande vetgedrukte zal staan in het "Full Path of File to Delete"-veld.
Er is een klein pijltje naast dat veld. Als je daarop klikt zal je al die bovenstaande lijntjes (indien bestanden aanwezig) die je gekopieerd hebt zien staan (dit is alvast de bedoeling)
Klik op de knop: [b:8dcfb6bd23]All files[/b:8dcfb6bd23] (!Belangrijk!)
Daarna, Klik op de rode cirkel met het wit kruisje erin.
Killbox zal zeggen dat deze file zal verwijderd worden on reboot.. vraagt om nu te rebooten. Klik YES.
Je pc moet nu rebooten.
Download [b:8dcfb6bd23]Combofix[/b:8dcfb6bd23] naar je Bureaublad.
Dubbelklik [b:8dcfb6bd23]Combofix.exe[/b:8dcfb6bd23]
Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
Tijdens het runnen van de fix, [b:8dcfb6bd23]NIET[/b:8dcfb6bd23] in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix voltooid is en na herstart, zal de log [b:8dcfb6bd23]combofix.txt[/b:8dcfb6bd23] openen.
Plaats deze log in je volgende post tesamen met een nieuw logje van Hijackthis.
NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren. - Melis - 06-11-28 21:05:47,03 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Melis\Bureaublad"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\Inetget2
C:\Program Files\Ipwins
C:\Program Files\Common Files\{08EB1559-07CB-1043-0110-030218040020}
C:\Program Files\Common Files\{38EB1559-07CA-1043-0110-030218040020}
C:\Program Files\Common Files\{38EB1559-07CB-1043-0110-030218040020}
C:\Program Files\Common Files\{08EB1559-07CA-1043-0110-030218040020}
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\Documents and Settings\Melis\Application Data\FNTS~1
C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1
C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1\javaw.exe
C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1\?ymbols
((((((((((((((((((((((((((((((( Files Created from 2006-10-28 to 2006-11-28 ))))))))))))))))))))))))))))))))))
2006-11-28 20:14 <DIR> d——– C:\!KillBox
2006-11-27 16:31 2 –a—— C:\WINDOWS\system32\wcpsvit.exe
2006-11-27 12:22 <DIR> d–h—– C:\WINDOWS\PIF
2006-11-25 00:43 <DIR> d——– C:\Program Files\Seekmo Programs
2006-11-25 00:42 <DIR> d——– C:\Program Files\Seekmo
2006-11-21 17:51 69,632 –a—— C:\WINDOWS\system32\lfgif13n.dll
2006-11-21 17:51 57,344 –a—— C:\WINDOWS\system32\lfbmp13n.dll
2006-11-21 17:51 462,848 –a—— C:\WINDOWS\system32\ltkrn13n.dll
2006-11-21 17:51 450,560 –a—— C:\WINDOWS\system32\ltimg13n.dll
2006-11-21 17:51 401,408 –a—— C:\WINDOWS\system32\lfcmp13n.dll
2006-11-21 17:51 299,008 –a—— C:\WINDOWS\system32\ltdis13n.dll
2006-11-21 17:51 206,336 –a—— C:\WINDOWS\system32\ltefx13n.dll
2006-11-21 17:51 163,840 –a—— C:\WINDOWS\system32\ltfil13n.dll
2006-11-16 15:51 <DIR> d——– C:\Program Files\LucasArts
2006-11-15 12:10 467,163,904 –a—— C:\WoW-1.11.0-enGB-patch.exe
2006-11-15 10:02 <DIR> d——– C:\Program Files\MSXML 4.0
2006-11-15 10:00 <DIR> d——– C:\World of Warcraft private (3)
2006-11-14 19:40 <DIR> d——– C:\Documents and Settings\All Users\Application Data\nView_Profiles
2006-11-13 21:20 <DIR> d——– C:\Program Files\WinRAR
2006-11-13 20:34 <DIR> d——– C:\World of Warcraft private(2)
2006-11-12 23:04 <DIR> d——– C:\Program Files\SymNetDrv
2006-11-12 13:20 <DIR> d——– C:\Program Files\Norton Internet Security
2006-11-12 13:19 91,904 –a—— C:\WINDOWS\system32\S32EVNT1.DLL
2006-11-12 13:19 124,016 –a—— C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-11-12 13:19 <DIR> d——– C:\Program Files\Symantec
2006-11-12 13:19 <DIR> d——– C:\Documents and Settings\Melis\Application Data\Symantec
2006-11-12 13:18 <DIR> d——– C:\Program Files\Common Files\Symantec Shared
2006-11-12 13:18 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Symantec
2006-11-12 13:03 <DIR> d——– C:\Program Files\Guild Wars
2006-11-11 23:56 255,146,254 –a—— C:\WoW-1.8.0-enGB-patch.exe
2006-11-11 23:47 <DIR> d——– C:\World of Warcraft private
2006-11-11 21:22 <DIR> d——– C:\World of Warcraft
2006-11-11 17:23 <DIR> d——– C:\Program Files\Core Design
2006-11-11 12:18 74,112 ——— C:\WINDOWS\system32\drivers\sisnpf.sys
2006-11-11 12:18 49,152 –a—— C:\WINDOWS\system32\SiSWBase.dll
2006-11-11 12:18 237,568 –a—— C:\WINDOWS\system32\SiSWPars.dll
2006-11-11 12:18 155,648 –a—— C:\WINDOWS\system32\SiSWInst.dll
2006-11-11 12:18 <DIR> d——– C:\Program Files\SiS162u
2006-11-08 18:04 36,864 –a—— C:\WINDOWS\system32\unwlsdrv.exe
2006-11-08 18:04 155,648 –a—— C:\WINDOWS\system32\drivers\sis162u.sys
2006-11-08 18:04 <DIR> d——– C:\Program Files\Wireless LAN Utility
2006-11-04 14:14 1,245,696 –a—— C:\WINDOWS\system32\msxml4.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-28 21:07 ——– d——– C:\Program Files\Common Files
2006-11-28 21:04 ——– d——– C:\Program Files\Mozilla Firefox
2006-11-28 21:04 ——– d——– C:\Documents and Settings\Melis\Application Data\Skype
2006-11-28 21:02 ——– d——– C:\Documents and Settings\Melis\Application Data\Xfire
2006-11-27 17:40 ——– d—s—- C:\Program Files\Xfire
2006-11-26 21:51 ——– d—s—- C:\Documents and Settings\Melis\Application Data\Microsoft
2006-11-26 18:17 ——– d——– C:\Program Files\MSN Messenger
2006-11-25 01:20 ——– d——– C:\Program Files\Java
2006-11-16 15:51 ——– d–h—– C:\Program Files\InstallShield Installation Information
2006-11-15 10:00 ——– d——– C:\Program Files\Internet Explorer
2006-11-12 11:14 ——– d——– C:\Program Files\Common Files\Blizzard Entertainment
2006-11-11 18:30 ——– d——– C:\Program Files\Common Files\Adobe
2006-11-09 21:00 ——– d——– C:\Program Files\NovaLogic
2006-11-08 18:28 ——– d——– C:\Program Files\Windows Live Toolbar
2006-10-30 09:01 ——– d——– C:\Program Files\Diablo II
2006-10-30 09:00 43520 –a—— C:\WINDOWS\system32\CmdLineExt03.dll
2006-10-19 16:41 ——– d——– C:\Program Files\Return to Castle Wolfenstein - Game of The Year Edition
2006-10-16 14:47 21840 –a—— C:\WINDOWS\system32\SIntfNT.dll
2006-10-16 14:47 17212 –a—— C:\WINDOWS\system32\SIntf32.dll
2006-10-16 14:47 12067 –a—— C:\WINDOWS\system32\SIntf16.dll
2006-10-16 11:25 94208 –a—— C:\WINDOWS\DIIUnin.exe
2006-10-16 11:25 2829 –a—— C:\WINDOWS\DIIUnin.pif
2006-10-15 14:36 ——– d——– C:\Program Files\Ubi Soft
2006-10-15 14:31 ——– d——– C:\Program Files\MSIDVD
2006-10-15 14:31 ——– d——– C:\Program Files\CyberLink
2006-10-15 14:26 ——– d——– C:\Documents and Settings\Melis\Application Data\dvdcss
2006-10-15 14:20 ——– d——– C:\Program Files\Common Files\InstallShield
2006-10-14 22:21 ——– d——– C:\Program Files\Call of Duty
2006-10-13 13:41 144384 –a—— C:\WINDOWS\system32\nwprovau.dll
2006-09-13 06:07 1084416 –a—— C:\WINDOWS\system32\msxml3.dll
2006-09-08 16:03 118784 -r——- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2006-09-01 11:23 81920 -r——- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2006-08-28 16:57 62 –ahs—- C:\Documents and Settings\Melis\Application Data\desktop.ini
2006-08-28 16:55 24064 –a—— C:\WINDOWS\system32\IntelNic.dll
2006-08-28 16:55 12288 –a—— C:\WINDOWS\system32\e100bmsg.dll
2006-08-28 16:55 118784 –a—— C:\WINDOWS\system32\Prounstl.exe
2006-08-28 15:13 0 -rahs—- C:\MSDOS.SYS
2006-08-28 15:13 0 -rahs—- C:\IO.SYS
2006-08-28 15:13 0 –a—— C:\CONFIG.SYS
2006-08-28 15:13 0 –a—— C:\AUTOEXEC.BAT
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Oese"="\"C:\\WINDOWS\\system32\\YMBOLS~1\\javaw.exe\" -vt yazb"
"Lmfv"="C:\\Documents and Settings\\Melis\\Application Data\\F?nts\\?hkntfs.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"EnvyHFCPL"="C:\\Program Files\\Audio Deck\\EnMixCPL.exe"
"CTHelper"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"seekmo"="\"c:\\program files\\seekmo\\seekmo.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Mijn huidige introductiepagina"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Controleren op updates voor Windows Live Toolbar.job
C:\WINDOWS\tasks\Norton AntiVirus - Mijn computer scannen - Melis.job
Completion time: 06-11-28 21:08:19.73
C:\ComboFix.txt … 06-11-28 21:08
Logfile of HijackThis v1.99.1
Scan saved at 21:41:10, on 28/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\program files\seekmo\seekmo.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Melis\Mijn documenten\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O2 - BHO: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing)
O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Oese] "C:\WINDOWS\system32\YMBOLS~1\javaw.exe" -vt yazb
O4 - HKCU\..\Run: [Lmfv] C:\Documents and Settings\Melis\Application Data\F?nts\?hkntfs.exe
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?f97eab37279847f4afa33f3140009ce8
O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?f97eab37279847f4afa33f3140009ce8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://frette10.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156780652433
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe - Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels:
[b:54f95d438a]R3 - URLSearchHook: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O2 - BHO: (no name) - {DFB873EC-CD0A-A8D3-7E06-BD896B5562BA} - C:\WINDOWS\system32\lnq.dll (file missing)
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing)
O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe"
O4 - HKCU\..\Run: [Oese] "C:\WINDOWS\system32\YMBOLS~1\javaw.exe" -vt yazb
O4 - HKCU\..\Run: [Lmfv] C:\Documents and Settings\Melis\Application Data\F?nts\?hkntfs.exe
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll [/b:54f95d438a]
Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.
Download ATF cleaner (gemaakt door Atribune)
Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij [b:54f95d438a]Select All[/b:54f95d438a].
Klik op de knop [b:54f95d438a]Empty Selected[/b:54f95d438a].
Gebruik je ook Firefox als browser:
Klik op tabblad "Firefox", plaats een vinkje bij [b:54f95d438a]Select All[/b:54f95d438a].
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit haalt het vinkje weer weg bij "Firefox saved passwords"
Klik op de knop [b:54f95d438a]Empty Selected[/b:54f95d438a].
Gebruik je ook Opera als browser:
Klik op tabblad "Opera", plaats een vinkje bij [b:54f95d438a]Select All[/b:54f95d438a].
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop [b:54f95d438a]Empty Selected[/b:54f95d438a].
Ga naar het tabblad "Main" en klik op de knop [b:54f95d438a]Exit[/b:54f95d438a] om het programma af te sluiten
Download en installeer .
Na de installatie, open je AVG Anti-Spyware:
Bij "[b:54f95d438a]Status[/b:54f95d438a]", klik op [b:54f95d438a]Change state[/b:54f95d438a] naast "Resident shield". (wijzig van active naar [b:54f95d438a]inactive[/b:54f95d438a]!)
Bij "[b:54f95d438a]Update[/b:54f95d438a]", klik op de [b:54f95d438a]Start update[/b:54f95d438a] knop.
Onder "[b:54f95d438a]Scanner[/b:54f95d438a]", tab "Settings":
Onder "How to act?", klik op "[u:54f95d438a]Recommended actions[/u:54f95d438a]" en selecteer [b:54f95d438a]Quarantine[/b:54f95d438a]. ([b:54f95d438a]ZEER BELANGRIJK![/b:54f95d438a])
Bij "Reports", selecteer [b:54f95d438a]Automatically generate report after every scan[/b:54f95d438a] en [u:54f95d438a]verwijder[/u:54f95d438a] het vinkje bij [b:54f95d438a]Only if threats were found[/b:54f95d438a].
Klik op [b:54f95d438a]Scan[/b:54f95d438a] en kies [b:54f95d438a]Complete System Scan[/b:54f95d438a].
Na afloop van de scan, klik je op [b:54f95d438a]Apply All Actions[/b:54f95d438a].
Wanneer je de melding krijgt "All actions have been applied", klik je onderaan op de knop [b:54f95d438a]Save Report[/b:54f95d438a].
Klik in het menu bovenaan op [b:54f95d438a]Reports[/b:54f95d438a]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.
Post ook een nieuw logje van HijackThis - ———————————————————
AVG Anti-Spyware - Scan Report
———————————————————
+ Created at: 22:41:26 30/11/2006
+ Scan result:
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP69\A0012566.exe -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller.1 -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CLSID -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CurVer -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014026.exe -> Adware.ClickSpring : Cleaned with backup (quarantined).
HKU\S-1-5-21-789336058-343818398-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
C:\!KillBox\ipwins.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014010.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
C:\!KillBox\lnq.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012769.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012775.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012801.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014006.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014009.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP73\A0014208.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\!KillBox\Update.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012762.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012763.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012764.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012765.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012766.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012767.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012771.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012772.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012773.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012774.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012798.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012799.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013788.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013789.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013790.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013791.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013792.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013793.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013794.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013795.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013878.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013879.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013880.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013881.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013898.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013899.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013900.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013901.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013911.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013912.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013913.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013914.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014004.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014029.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014034.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014035.exe -> Adware.Softomate : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent -> Adware.Zango : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent.1 -> Adware.Zango : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CLSID -> Adware.Zango : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CurVer -> Adware.Zango : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012761.pif -> Backdoor.Agent.aim : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014099.exe -> Backdoor.Agent.aim : Cleaned with backup (quarantined).
C:\Documents and Settings\Melis\Bureaublad\mcnew.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP70\A0012770.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0012800.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013796.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013860.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1\javaw.exe -> Downloader.PurityScan.dr : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP72\A0014025.exe -> Dropper.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Melis\Mijn documenten\backups\backup-20061130-214614-330.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined).
:mozilla.629:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.33:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.558:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.592:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.109:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.639:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.640:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.643:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.644:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.218:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.224:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.225:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.227:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.229:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.230:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.438:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.439:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.142:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.143:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.144:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.145:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.146:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.138:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.299:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.226:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.228:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.73:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.614:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.615:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.384:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.683:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.90:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.516:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.221:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.222:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.357:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.485:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.95:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.130:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.131:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.132:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.463:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.464:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.509:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.605:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.451:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.368:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.597:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.598:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.217:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.660:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.661:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.662:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.663:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.472:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.473:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.72:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.474:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.475:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.476:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.477:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.478:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.479:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.480:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.648:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.649:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.159:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.160:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.654:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.655:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.168:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.169:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.170:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.172:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.453:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.566:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.567:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.568:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.199:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.200:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.201:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.202:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.203:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.204:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.205:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.206:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.342:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.343:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.180:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.181:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.106:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Texttbnru : Cleaned.
:mozilla.122:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.123:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.404:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.124:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.559:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.560:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.616:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.617:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.248:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.250:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.104:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.187:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.188:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.189:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.190:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.191:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.192:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.467:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.468:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.469:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.470:C:\Documents and Settings\Melis\Application Data\Mozilla\Firefox\Profiles\a4teztpb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{80E27343-A525-405F-A2C6-EB20FD702F6F}\RP71\A0013927.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wcpsvit.exe -> Trojan.Small : Cleaned with backup (quarantined).
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 18:24:20, on 2/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Documents and Settings\Melis\Mijn documenten\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?f97eab37279847f4afa33f3140009ce8
O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?f97eab37279847f4afa33f3140009ce8
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://frette10.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156780652433
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {7F572A7D-77E6-489F-BD16-6859062D7EBB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe - De volgende mappen mag je nog wel even verwijderen:
C:\[b:48c548db2e]!Killbox[/b:48c548db2e]\
C:\[b:48c548db2e]QooBox[/b:48c548db2e]\
Maak dan je prullenbak leeg.
Doe ook dit nog even:
Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
Kijk hier hoe je je systeemherstel moet uitschakelen.
Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.
Dan zou alles weet ok moeten zijn
Groeten smeenk - Bedankt voor de hulp weeral.
- Graag gedaan hoor guft
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.
