Weergegeven resultaten: 1 t/m 2 van 2
  1. 19 November 2006, 21:30 #1
    El Torro
    El Torro is offline
    Up-to-date  
    Geregistreerd
    30 July 2005
    Berichten
    11
    Bedankjes
    0
    Bedankt
    4 keer in 3 posts

    na de dokter met agv

    + Created at: 20:09:24 19/11/2006
    + Scan result:

    C:\Program Files\INSTAFINK -> Adware.404Search : Cleaned with backup (quarantined).
    C:\Program Files\INSTAFINK\instafink.dll -> Adware.404Search : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP104\A0014795.exe -> Adware.404Search : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\asmfiles.cab/asm.exe -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\asmfiles.cab/asmps.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014806.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014815.exe -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014824.exe -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014830.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014831.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014832.exe -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014834.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014835.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014836.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014837.exe -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014839.dll -> Adware.Altnet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP100\A0012679.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP100\A0012693.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP100\A0012724.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP101\A0012748.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP101\A0012759.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP101\A0012773.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP101\A0012789.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP102\A0012807.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP102\A0012821.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP102\A0012834.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0012846.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP104\A0014793.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014799.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP95\A0010411.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP96\A0010433.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP96\A0010451.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP96\A0011452.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP96\A0011465.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP96\A0012465.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP97\A0012500.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP97\A0012512.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP97\A0012524.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP97\A0012536.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP97\A0012553.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP98\A0012572.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP98\A0012586.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP98\A0012599.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP99\A0012614.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP99\A0012626.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP99\A0012640.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP99\A0012655.exe -> Adware.Bestofer : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014817.dll -> Adware.BrilliantDigital : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014365.dll -> Adware.FunWeb : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014369.DLL -> Adware.FunWeb : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014375.DLL -> Adware.FunWeb : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014376.EXE -> Adware.FunWeb : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014378.DLL -> Adware.FunWeb : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014847.DLL -> Adware.IESearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP106\A0014937.dll -> Adware.IESearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014380.DLL -> Adware.IWon : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014840.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014841.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014855.dll -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Cleaned with backup (quarantined).
    HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Cleaned with backup (quarantined).
    HKU\S-1-5-19\Software\New.net -> Adware.NewDotNet : Cleaned with backup (quarantined).
    HKU\S-1-5-21-909079937-3406648928-2623173166-1007\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014808.cpl -> Adware.P2PNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014809.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014854.DLL -> Adware.P2PNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP131\A0017952.dll -> Adware.PowerSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP125\A0017727.exe -> Adware.Rebates : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP104\A0014786.exe -> Adware.RXBar : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014852.dll -> Adware.RXBar : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP105\A0014853.dll -> Adware.RXToolbar : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP104\A0014772.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP104\A0014773.dll -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP104\A0014774.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP125\A0017729.exe -> Adware.WebRebates : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP125\A0017730.dll -> Adware.WebRebates : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
    HKU\S-1-5-21-909079937-3406648928-2623173166-1007\Software\Microsoft\Internet Explorer\MenuExt\Web Rebates -> Adware.WebRebates : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{D786E0BB-1C34-4673-BCA6-1BB91F86BD21}\RP103\A0014371.DLL -> Downloader.IstBar : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\Cookies\lateur marijke@detelegraaf.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\Cookies\lateur marijke@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc266.txt -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc325.txt -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc377.txt -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc360.txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\Cookies\lateur marijke@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc242.txt -> TrackingCookie.Bestoffersnetworks : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc262.txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\Cookies\lateur marijke@cliks[2].txt -> TrackingCookie.Cliks : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc255.txt -> TrackingCookie.Cliks : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@com[1].txt -> TrackingCookie.Com : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc259.txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc306.txt -> TrackingCookie.Ivwbox : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\Cookies\lateur marijke@need2find[2].txt -> TrackingCookie.Need2find : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Cookies\lateur marijke@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
    C:\Documents and Settings\Lateur Marijke\Local Settings\Temp\Cookies\lateur marijke@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\S-1-5-21-909079937-3406648928-2623173166-1007\Dc227.txt -> TrackingCookie.Yieldmanager : Cleaned.

    ::Report end
    Logfile of HijackThis v1.99.1
    Scan saved at 20:29:07, on 19/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jucheck.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\slserv.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Web__Rebates\webrebatesv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\Web__Rebates\to.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avant Browser\avant.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\DOCUME~1\LATEUR~1\LOCALS~1\Temp\Tijdelijke map 1 voor hijackthis[1].zip\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.be/0SENLBE/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
    O4 - HKLM\..\Run: [NI.UERSM_0001_N68M1602] "C:\Documents and Settings\Lateur Marijke\Local Settings\Temporary Internet Files\Content.IE5\LYG94OW8\ErrorSafeScannerInstall _nl[1].exe" -nag
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [toprm] "C:\Program Files\Web__Rebates\webrebatesv.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O8 - Extra context menu item: Alle links in deze pagina openen... - C:\Program Files\Avant Browser\OpenAllLinks.htm
    O8 - Extra context menu item: Blokkeer alle plaatjes afkomstig van dezelfde server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Markeren - C:\Program Files\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Open In Nieuwe Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
    O8 - Extra context menu item: Toevoegen aan Reclame Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: Zoeken - C:\Program Files\Avant Browser\Search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\benl.htm
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...up1.0.0.15.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/si...rInstallNL.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter: text/html - (no CLSID) - (no file)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
  2. 19 November 2006, 21:52 #2
    jurgenv
    jurgenv is offline
    Erelid   jurgenv's schermafbeelding
    Geregistreerd
    10 May 2005
    Locatie
    West-Vlaanderen
    Berichten
    5.887
    Bedankjes
    100
    Bedankt
    901 keer in 829 posts
    Download combofix.exe: http://download.bleepingcomputer.com/sUBs/combofix.exe
    Plaats het op je bureaublad.
    Dubbelklik er op om het programma te starten.
    In het scherm dat verschijnt tik je een Y in om het cleaningsprocess te starten.
    Volg de instructies op het scherm.
    Als het tooltje klaar is, opent er een logfile (combofix.txt) Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

    Member of ASAP
« Vorige discussie | Volgende discussie »

Discussie informatie

Users Browsing this Thread

Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)

Soortgelijke discussies

  1. moet ik naar de dokter?
    Door El Torro in forum HijackThis
    Reacties: 1
    Laatste bericht: 10 November 2006, 00:21

Favorieten/bladwijzers

Favorieten/bladwijzers

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •  

Forumregels