Logfile of HijackThis v1.99.1
Scan saved at 19:38:19, on 2/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\crypserv.exe
E:\Program Files\Executive Software\Diskeeper\DkService.exe
E:\Beveiligings Software\security suite\ewidoguard.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\S4TSR.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Logitech\WebColct\webcolct.exe
C:\Documents and Settings\Kristof\Mijn documenten\FireFox Downloads\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\BEVEIL~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [DisableEHCI] C:\WINDOWS\S4TSR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Toevoegen aan Mobiele favorieten - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Toevoegen aan Mobiele favorieten... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - Unknown owner - E:\Beveiligings Software\ewido anti-malware\ewidoctrl.exe (file missing)
O23 - Service: ewido security suite guard - ewido networks - E:\Beveiligings Software\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Weergegeven resultaten: 1 t/m 9 van 9
Discussie: virus denk
-
2 March 2007, 20:39 #1Geek
- Geregistreerd
- 10 May 2005
- Locatie
- Laakdal
- Berichten
- 1.991
- Bedankjes
- 347
- Bedankt
- 401 keer in 232 posts
virus denk
-
2 March 2007, 20:54 #2Geek
- Geregistreerd
- 10 May 2005
- Locatie
- Laakdal
- Berichten
- 1.991
- Bedankjes
- 347
- Bedankt
- 401 keer in 232 posts
heb het bestand al in prullenbak liggen
kga het nu even op externe zetten voor toch nog abckupje te hebben in geval van
-
2 March 2007, 21:14 #3Erelid
- Geregistreerd
- 10 May 2005
- Locatie
- West-Vlaanderen
- Berichten
- 5.852
- Bedankjes
- 90
- Bedankt
- 800 keer in 736 posts
Upload het bestandje eens hier:
http://www.virustotal.com/en/indexf.html
Meld het resultaat hier.
Member of ASAP
-
De volgende gebruiker bedankt jurgenv voor deze nuttige post:
Clioke16V ( 2 March 2007)
-
2 March 2007, 22:00 #4Geek
- Geregistreerd
- 10 May 2005
- Locatie
- Laakdal
- Berichten
- 1.991
- Bedankjes
- 347
- Bedankt
- 401 keer in 232 posts
Complete scanning result of "S4TSR.EXE", received in VirusTotal at 03.02.2007, 20:49:04 (CET).
AntivirusVersionUpdateResult AntiVir7.3.1.3803.02.2007no virus foundAuthentium4.93.803.01.2007no virus foundAvast4.7.936.003.02.2007 no virus foundAVG7.5.0.44703.02.2007no virus foundBitDefender7.203.02.2007 no virus foundCAT-QuickHeal9.0003.02.2007no virus foundClamAVdevel-2006042603.02.2007 no virus foundDrWeb4.3303.02.2007no virus foundeSafe7.0.14.002.28.2007 no virus foundeTrust-Vet30.6.344703.02.2007no virus foundEwido4.003.02.2007 no virus foundFileAdvisor103.02.2007No threat detectedFortinet2.85.0.003.02.2007 no virus foundF-Prot4.3.1.4503.01.2007no virus foundF-Secure6.70.13030.003.02.2007 no virus foundIkarusT3.1.1.303.02.2007no virus foundKaspersky4.0.2.2403.02.2007 no virus foundMcAfee497503.02.2007no virus foundMicrosoft1.220403.02.2007 no virus foundNOD32v2209003.02.2007no virus foundNorman5.80.0203.02.2007 no virus foundPanda9.0.0.403.01.2007no virus foundPrevx1V203.02.2007 no virus foundSophos4.14.003.01.2007no virus foundSunbelt2.2.907.003.01.2007 no virus foundSymantec1003.02.2007no virus foundTheHacker6.1.6.06703.01.2007 no virus foundUNA1.8303.02.2007no virus foundVBA323.11.203.01.2007 no virus foundVirusBuster4.3.19:903.02.2007no virus found
Aditional Information File size: 28672 bytesMD5: 4ddb7295bc80eee094e4ea1a61e7ccc8SHA1: cd3511fd33243f9033062d00c55fafcdcbf503d8Bit9 info: http://fileadvisor.bit9.com/services...e4ea1a61e7ccc8
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
hoop dat dit goed is.
Wat me ook opvalde, was dat bij opstarten pc er een dos venster openging met als benaming > NOUSB2.0.exe ( nu niet meer na verwijderen :d )Laatst gewijzigd door Clioke16V; 2 March 2007 om 22:02
-
2 March 2007, 22:02 #5Erelid
- Geregistreerd
- 10 May 2005
- Locatie
- West-Vlaanderen
- Berichten
- 5.852
- Bedankjes
- 90
- Bedankt
- 800 keer in 736 posts
Ziet er dus goed uit.
Member of ASAP
-
De volgende gebruiker bedankt jurgenv voor deze nuttige post:
Clioke16V ( 2 March 2007)
-
2 March 2007, 22:21 #6Geek
- Geregistreerd
- 10 May 2005
- Locatie
- Laakdal
- Berichten
- 1.991
- Bedankjes
- 347
- Bedankt
- 401 keer in 232 posts
hijackthis was voor de rest ook in orde ?
-
2 March 2007, 22:22 #7Erelid
- Geregistreerd
- 10 May 2005
- Locatie
- West-Vlaanderen
- Berichten
- 5.852
- Bedankjes
- 90
- Bedankt
- 800 keer in 736 posts
Jep.
Member of ASAP
-
De volgende gebruiker bedankt jurgenv voor deze nuttige post:
Clioke16V ( 2 March 2007)
-
2 March 2007, 22:40 #8Geek
- Geregistreerd
- 10 May 2005
- Locatie
- Laakdal
- Berichten
- 1.991
- Bedankjes
- 347
- Bedankt
- 401 keer in 232 posts
owke, smijt maar slotteke op.
merci makker voor de mega snelle hulp
-
2 March 2007, 22:40 #9Erelid
- Geregistreerd
- 10 May 2005
- Locatie
- West-Vlaanderen
- Berichten
- 5.852
- Bedankjes
- 90
- Bedankt
- 800 keer in 736 posts
Graag gedaan.
Member of ASAP
Discussie informatie
Users Browsing this Thread
Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)
Soortgelijke discussies
-
Checken > denk trojan
Door Clioke16V in forum HijackThisReacties: 5Laatste bericht: 14 December 2005, 15:00 -
denk da kik problemen heb
Door rafc in forum HijackThisReacties: 17Laatste bericht: 6 November 2005, 18:23 -
ik denk een virus
Door grimson in forum HijackThisReacties: 2Laatste bericht: 18 May 2005, 09:54
Regels voor berichten
- Copyright © 2004 - 2019, Minatica.be
-
Powered by vBulletin®, versie 4.2.2
Copyright © 2024 vBulletin Solutions, Inc. - Design door Gert Bangels
Favorieten/bladwijzers