Volledige versie bekijken : me pc doet erg traag
Max17 14 January 2007, 20:46 Me pc doet erg traag de laatste paar dagen gebruik nod32 als antivirus en avg anti-spyware...En telkens na het opnieuw starten van mij computer wordt er een lege "nieuwe map" op mijn bureaublad gevormd...
Kan iemand mij helpe? alvast bedankt:)
hier mijn logje:
Logfile of HijackThis v1.99.1
Scan saved at 19:43:16, on 14-1-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\sony\giga pocket\shwserv.exe
C:\Program Files\Eset\nod32krn.exe
D:\Program Files\Sygate Firewall\smc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\sony\giga pocket\RM_SV.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\sony\usbsircs\USBsircs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtPSS.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Furkan Altas\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Windows Print Monitor] dichgygil.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\SYGATE~1\smc.exe -startgui
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [Windows Print Monitor] dichgygil.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [algchk.exe] C:\WINDOWS\System32\algchk.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Remocon Driver.lnk = C:\Program Files\sony\usbsircs\USBsircs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163847136500
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/DesktopModules/SpectorAlbum/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\h8j4li1q18.dll (file missing)
O20 - Winlogon Notify: pmkjg - pmkjg.dll (file missing)
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\jt0u07d9e.dll (file missing)
O20 - Winlogon Notify: Telephony - C:\WINDOWS\system32\irrsl5971.dll (file missing)
O20 - Winlogon Notify: Themes - C:\WINDOWS\system32\mv4ql9h51.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate Firewall\smc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\sony\giga pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: Microsoft Windows Update Service (Windows Update Service) - Unknown owner - C:\WINDOWS\
jurgenv 14 January 2007, 20:53 Download combofix.exe: http://download.bleepingcomputer.com/sUBs/combofix.exe
Plaats het op je bureaublad.
Dubbelklik er op om het programma te starten.
In het scherm dat verschijnt tik je een Y in om het cleaningsprocess te starten.
Volg de instructies op het scherm.
Als het tooltje klaar is, opent er een logfile (combofix.txt) Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.
Max17 14 January 2007, 21:09 "Furkan Altas" - 07-01-14 19:56:10 Service Pack 2
ComboFix 07-01-14.2 - Running from: "C:\Documents and Settings\Furkan Altas\Bureaublad"
((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
REGISTRY ENTRIES REMOVED:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{83cfa436-013c-48db-a3a2-2947ec31303f}]Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{dd79911b-badb-4ec8-9f91-789c4c09706e}]
@=""
"IDEx"="ADDR"
[HKEY_CLASSES_ROOT\clsid\{dd79911b-badb-4ec8-9f91-789c4c09706e}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{dd79911b-badb-4ec8-9f91-789c4c09706e}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{dd79911b-badb-4ec8-9f91-789c4c09706e}\InprocServer32]
@="C:\\WINDOWS\\system32\\leeps12n.dll"
"ThreadingModel"="Apartment"Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{1cbf9dfb-213b-4658-9902-12d158a50f7e}]
@=""
"IDEx"="ADDR"
[HKEY_CLASSES_ROOT\clsid\{1cbf9dfb-213b-4658-9902-12d158a50f7e}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{1cbf9dfb-213b-4658-9902-12d158a50f7e}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{1cbf9dfb-213b-4658-9902-12d158a50f7e}\InprocServer32]
@="C:\\WINDOWS\\system32\\myvcirt.dll"
"ThreadingModel"="Apartment"Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{669d0b24-326a-40ed-a952-eac4335dbc17}]
@=""
[HKEY_CLASSES_ROOT\clsid\{669d0b24-326a-40ed-a952-eac4335dbc17}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{669d0b24-326a-40ed-a952-eac4335dbc17}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{669d0b24-326a-40ed-a952-eac4335dbc17}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{a96caeb2-10bc-4379-9ae2-273c02571120}]
@=""
[HKEY_CLASSES_ROOT\clsid\{a96caeb2-10bc-4379-9ae2-273c02571120}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{a96caeb2-10bc-4379-9ae2-273c02571120}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{a96caeb2-10bc-4379-9ae2-273c02571120}\InprocServer32]
@="C:\\WINDOWS\\system32\\ipitpki.dll"
"ThreadingModel"="Apartment"Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{7e81b043-737a-4ae3-b344-04be4c4ba854}]
@=""
[HKEY_CLASSES_ROOT\clsid\{7e81b043-737a-4ae3-b344-04be4c4ba854}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{7e81b043-737a-4ae3-b344-04be4c4ba854}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{7e81b043-737a-4ae3-b344-04be4c4ba854}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{4720b9ca-a475-4f1c-a47e-a6a650302dc3}]
@=""
"IDEx"="ADDR"
[HKEY_CLASSES_ROOT\clsid\{4720b9ca-a475-4f1c-a47e-a6a650302dc3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{4720b9ca-a475-4f1c-a47e-a6a650302dc3}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{4720b9ca-a475-4f1c-a47e-a6a650302dc3}\InprocServer32]
@="C:\\WINDOWS\\system32\\sjrrnnl.dll"
"ThreadingModel"="Apartment"Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\clsid\{eb6086fc-dde3-4803-9ca3-428bb4a6477d}]
@=""
[HKEY_CLASSES_ROOT\clsid\{eb6086fc-dde3-4803-9ca3-428bb4a6477d}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{eb6086fc-dde3-4803-9ca3-428bb4a6477d}\Implemented Categories\{00021492-0000-0000-C000-
000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{eb6086fc-dde3-4803-9ca3-428bb4a6477d}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Granting SeDebugPrivilege to Administrators ... successful
((((((((((((((((((((((((((((((( Files Created from 2006-12-14 to 2007-01-14 ))))))))))))))))))))))))))))))))))
2007-01-14 19:59 <DIR> d-------- C:\WINDOWS\erdnt
2007-01-13 02:26 <DIR> d-------- C:\WINDOWS\ie7updates
2007-01-12 16:40 <DIR> d-------- C:\DOCUME~1\RANABU~1\Application Data\vlc
2007-01-10 19:56 <DIR> d-------- C:\Program Files\toolbars
2007-01-10 19:56 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-01-09 17:25 <DIR> d-------- C:\DOCUME~1\RANABU~1\Application Data\Opera
2007-01-09 17:02 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-09 14:38 <DIR> d--h-c--- C:\WINDOWS\ie7
2007-01-09 14:37 945,936 --a------ C:\WINDOWS\system32\msjava.dll
2007-01-09 14:37 63,248 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-01-09 14:37 49,424 --a------ C:\WINDOWS\system32\clspack.exe
2007-01-09 14:37 46,352 --a------ C:\WINDOWS\setdebug.exe
2007-01-09 14:37 404,752 --a------ C:\WINDOWS\system32\javart.dll
2007-01-09 14:37 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-01-09 14:37 286,992 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-01-09 14:37 21,264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-01-09 14:37 187,152 --a------ C:\WINDOWS\system32\javacypt.dll
2007-01-09 14:37 172,304 --a------ C:\WINDOWS\system32\jview.exe
2007-01-09 14:37 171,792 --a------ C:\WINDOWS\system32\wjview.exe
2007-01-09 14:37 171,280 --a------ C:\WINDOWS\system32\jit.dll
2007-01-09 14:37 154,384 --a------ C:\WINDOWS\system32\msawt.dll
2007-01-09 14:37 15,120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-01-09 14:37 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2007-01-09 14:37 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-01-09 14:37 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-01-09 14:23 <DIR> d-------- C:\DOCUME~1\FURKAN~1\Application Data\Opera
2007-01-08 13:08 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-01-08 13:08 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-01-08 13:08 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-01-08 12:28 <DIR> d-------- C:\Program Files\Orange
2007-01-08 12:26 <DIR> d-------- C:\Program Files\SAGEM
2007-01-07 15:38 <DIR> d-------- C:\WINDOWS\WBEM
2007-01-07 15:38 <DIR> d-------- C:\WINDOWS\system32\nl-nl
2007-01-07 15:34 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2007-01-07 15:32 <DIR> d-------- C:\WINDOWS\network diagnostic
2007-01-06 23:52 <DIR> d-------- C:\Program Files\Mozilla Firefox
2007-01-06 22:57 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\Application Data\TEMP
2007-01-06 21:50 83,592 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-01-06 21:50 61,008 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-01-06 21:50 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-01-06 21:50 14,944 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2007-01-04 00:23 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Avg7
2007-01-04 00:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\McAfee
2006-12-30 16:24 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2006-12-30 16:24 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2006-12-30 16:24 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2006-12-30 16:24 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2006-12-30 16:24 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2006-12-30 16:24 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2006-12-30 16:24 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2006-12-30 16:24 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2006-12-30 16:24 159,744 --a------ C:\WINDOWS\system32\lfpng13n.dll
2006-12-27 01:29 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2006-12-27 01:29 249,856 --------- C:\WINDOWS\Setup1.exe
2006-12-24 22:29 <DIR> d-------- C:\DOCUME~1\FURKAN~1\Application Data\MoyeaFLV2Video
2006-12-17 17:36 <DIR> d-------- C:\DOCUME~1\RANABU~1\Application Data\Ahead
2006-12-17 17:03 <DIR> d--hs---- C:\DOCUME~1\RANABU~1\UserData
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )))
2007-01-11 15:16 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\skype
2007-01-11 15:15 -------- d---s---- C:\Documents and Settings\Furkan Altas\Application Data\microsoft
2007-01-10 19:56 -------- d-------- C:\Program Files\skype
2007-01-09 17:08 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\lavasoft
2007-01-09 16:25 -------- d-------- C:\Program Files\java
2007-01-09 14:23 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\opera
2007-01-08 12:26 -------- d--h----- C:\Program Files\installshield installation information
2007-01-06 23:53 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\mozilla
2007-01-06 15:14 -------- d-------- C:\Program Files\windows media connect 2
2006-12-28 13:59 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\dvdcss
2006-12-25 22:44 12464 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-12-25 22:28 -------- d-------- C:\Documents and Settings\Furkan Altas\Application
Data\moyeaflv2video
2006-12-24 22:25 -------- d-------- C:\Program Files\riva flv encoder 2.0
2006-12-24 13:04 -------- d-------- C:\Program Files\msn messenger
2006-12-24 13:04 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\ppstream
2006-12-19 21:04 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\adobeum
2006-12-17 14:14 -------- d-------- C:\Program Files\konami
2006-12-17 12:42 -------- d-a------ C:\Documents and Settings\Furkan Altas\Application Data\sopcast
2006-12-05 23:43 -------- d-------- C:\Program Files\maxtv
2006-12-05 23:43 -------- d-------- C:\Program Files\maxsoftware
2006-11-27 23:07 -------- d-------- C:\Program Files\Common Files\adobe
2006-11-26 14:00 -------- d-------- C:\Program Files\tvuplayer
2006-11-26 12:54 -------- d-------- C:\Program Files\ppmate
2006-11-26 12:53 -------- d-------- C:\Documents and Settings\Furkan Altas\Application Data\ppmate
2006-11-18 13:18 -------- d-------- C:\Program Files\messenger
2006-11-18 12:43 -------- d-------- C:\Program Files\movie maker
2006-11-18 12:39 -------- d-------- C:\Program Files\windows nt
2006-11-18 11:53 -------- d--h----- C:\Program Files\windowsupdate
2006-11-16 19:29 86 --ahs---- C:\Documents and Settings\Furkan Altas\Application Data\desktop.ini
2006-11-16 18:49 -------- d-------- C:\Program Files\tgtsoft
2006-11-16 17:49 8464 --a------ C:\WINDOWS\system32\sporder.dll
2006-11-15 16:15 98304 --a------ C:\WINDOWS\system32\cmdlineext.dll
2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-02 23:35 8271872 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-02 22:53 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-02 22:52 257536 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-02 22:50 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 42496 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-20 02:39 714752 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\wmvsencd.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\wmvxencd.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\wmspdmod.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvadve.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvadvd.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\mp43dmod.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\mp4sdecd.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --a------ C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\wpdshext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\mpg4decd.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\mp43decd.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\portabledevicewmdrm.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\wmvencod.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\wmvdecod.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\wmvsdecd.dll
2006-10-18 21:47 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\portabledevicewiacompat.dll
2006-10-18 21:47 130048 --a------ C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\laprxy.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\wmadmoe.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\portabledeviceclassextension.d ll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\winfxdocobj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"algchk.exe"="C:\\WINDOWS\\System32\\algchk.exe"
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\" /WinStart"
"STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ezShieldProtector for Px"="C:\\WINDOWS\\System32\\ezSP_Px.exe"
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
"Windows Print Monitor"="dichgygil.exe"
"PrinTray"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\ printray.exe"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"SmcService"="D:\\PROGRA~1\\SYGATE~1\\smc.exe -startgui"
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\runservices]
"Windows Print Monitor"="dichgygil.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{F2FA09FB-EE7A-46d8-9145-A1EEF7850052}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"ozkq"="C:\\PROGRA~1\\COMMON~1\\ozkq\\ozkqm.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ozkq"="C:\\PROGRA~1\\COMMON~1\\ozkq\\ozkqm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"AllowLegacyWebView"=dword:00000001
"AllowUnhashedWebView"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer\run]
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer\Run]
"WinUpdate.exe"="C:\\Program Files\\Windows\\WinUpdate.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\polic ies\explorer]
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\polic ies\explorer\Run]
"WinUpdate.exe"="C:\\Program Files\\Windows\\WinUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkjg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\StillImage
[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnph ost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: 07-01-14 20:02:39
Max17 14 January 2007, 21:09 en dit is me nieuwe logje:
Logfile of HijackThis v1.99.1
Scan saved at 20:08:12, on 14-1-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\sony\giga pocket\shwserv.exe
C:\Program Files\Eset\nod32krn.exe
D:\Program Files\Sygate Firewall\smc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\sony\giga pocket\RM_SV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\sony\usbsircs\USBsircs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtPSS.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Furkan Altas\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Windows Print Monitor] dichgygil.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\SYGATE~1\smc.exe -startgui
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [Windows Print Monitor] dichgygil.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [algchk.exe] C:\WINDOWS\System32\algchk.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Remocon Driver.lnk = C:\Program Files\sony\usbsircs\USBsircs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163847136500
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/DesktopModules/SpectorAlbum/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: pmkjg - pmkjg.dll (file missing)
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\jt0u07d9e.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate Firewall\smc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\sony\giga pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: Microsoft Windows Update Service (Windows Update Service) - Unknown owner - C:\WINDOWS\
jurgenv 14 January 2007, 21:15 Open Kladblok.
Kopieer de onderstaande vetgedrukte tekst en plak deze in een nieuw document.
REGEDIT4
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"ozkq"=-
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ozkq"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoCDBurning"=-
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer\Run]
"WinUpdate.exe"=-
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\polic ies\explorer\Run]
"WinUpdate.exe"=-
Kies Bestand -> Opslaan
Selecteer bij "Opslaan in": Bureaublad
Vul bij "Bestandsnaam" in: fix.reg
Selecteer bij "Opslaan als type": Alle bestanden
Klik op "Opslaan".
Dubbelklik op fix.reg, dat nu op je bureaublad staat.
Ga ermee akkoord dat deze gegevens aan het register worden toegevoegd.
* Download en installeer AVG Anti-Spyware (http://www.ewido.net/en/download/).
Na de installatie, open AVG Anti-Spyware:
* onder "Status", klik op Change state naast "Resident shield". (wijzig van active naar inactive!)
* onder "Update", klik op de Start update knop.
* onder "Scanner", tab "Settings":- onder "How to act?", klik op "Recommended actions" en selecteer Quarantine. (ZEER BELANGRIJK!)
* onder "Reports", selecteer Automatically generate report after every scan en verwijder het vinkje bij Only if threats were found
Sluit AVG Anti-Spyware. Laat het nog niet scannen.
* Als je Adaware SE nog niet geïnstalleerd hebt, download, installeer en update het dan volgens de richtlijnen
die je kan vinden op: http://users.pandora.be/marcvn/spyware/1414188.htm
Download link van Ad-aware: http://www.lavasoftusa.com/products/ad-aware_se_personal.php
* Start je computer op in VEILIGE MODUS (http://users.pandora.be/marcvn/spyware/1378056.htm)
* Open hijackthis en vink volgende regels aan:
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\RunServices: [Windows Print Monitor] dichgygil.exe
O20 - Winlogon Notify: pmkjg - pmkjg.dll (file missing)
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\jt0u07d9e.dll (file missing)
* Sluit dan alle vensters behalve hijackthis en klik op 'fix checked'
* Voer een volledige scan uit met Adaware en verwijder alles wat gevonden wordt.
* Start AVG Anti-Spyware.* Klik op Scan en kies Complete System Scan.
Na de scan; volg onderstaande instructies :
BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt !
* Draag er zorg voor dat Set all elements to: op Quarantine staat (1),
zoniet klik op de link en kies Quarantine in de popup menu. (2)
(Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !)
* Onderaan het venster klik op de Apply all Actions knop. (3)
http://home.scarlet.be/~topalex/ewidoscan.jpg
* Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop Save Report.
* Herstart je computer in normale modus.
* Download ATF cleaner (http://www.atribune.org/ccount/click.php?id=1) (by Atribune)
Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij Select All.
Klik op de knop Empty Selected.
Gebruik je ook Firefox als browser:
Klik op tabblad "Firefox", plaats een vinkje bij Select All.
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit verwijdert het vinkje bij "Firefox saved passwords")
Klik op de knop Empty Selected.
Gebruik je ook Opera als browser:
Klik op tabblad "Opera", plaats een vinkje bij Select All.
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop Empty Selected.
Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.
* Post dan een nieuw hijackthis logje hier met het rapport van AVG antispyware.
Max17 14 January 2007, 22:50 logje na alles uitgevoerd te hebbe:
Logfile of HijackThis v1.99.1
Scan saved at 21:46:32, on 14-1-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\sony\usbsircs\USBsircs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtPSS.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\sony\giga pocket\shwserv.exe
C:\Program Files\Eset\nod32krn.exe
D:\Program Files\Sygate Firewall\smc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\sony\giga pocket\RM_SV.exe
C:\Documents and Settings\Furkan Altas\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\SYGATE~1\smc.exe -startgui
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [algchk.exe] C:\WINDOWS\System32\algchk.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Remocon Driver.lnk = C:\Program Files\sony\usbsircs\USBsircs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163847136500
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/DesktopModules/SpectorAlbum/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate Firewall\smc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\sony\giga pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: Microsoft Windows Update Service (Windows Update Service) - Unknown owner - C:\WINDOWS\
Max17 14 January 2007, 22:51 EN VAN AVG:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:37:55 14-1-2007
+ Scan result:
C:\System Volume Information\_restore{DFFE62AE-DCBC-4D7C-A983-1DEE544BE114}\RP279\A0082346.exe -> Downloader.Small : Cleaned with backup (quarantined).
D:\System Volume Information\_restore{DFFE62AE-DCBC-4D7C-A983-1DEE544BE114}\RP279\A0082347.exe -> Not-A-Virus.Constructor.Win32.QQRob.e : Cleaned with backup (quarantined).
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Furkan Altas\Cookies\furkan_altas@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Rana Busra\Cookies\rana_busra@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
::Report end
jurgenv 14 January 2007, 22:54 Ziet er goed uit, hoe werkt alles verder?
Max17 15 January 2007, 18:09 Ja alles werkt weer goed,ten minste tot nu toe...
Bedankt!
jurgenv 15 January 2007, 18:11 Graag gedaan. :)
Nog een paar tips om problemen te voorkomen in de toekomst:
Installeer alvast volgende GRATIS programmatjes indien je ze nog niet hebt:
Spywareblaster (http://www.javacoolsoftware.com/spywareblaster.html)
Adaware se (http://www.majorgeeks.com/download506.html)
Spybot s&d (http://www.safer-networking.org/en/index.html)
Tijdens het surfen, klik niet overal klakkeloos op ja als je dit gevraagd wordt... doe dit enkel wanneer je het volledig vertrouwt.
En kies eventueel een alternatieve browser zoals Opera (http://www.opera.com) of Firefox (http://www.mozilla.org/products/firefox/).
En ik raad je ook aan om af en toe een online virusscan uit te voeren. housecall (http://housecall.trendmicro.com/) en/of Bitdefender (http://www.bitdefender.com/scan/licence.php). Want, wat de ene scanner niet kan vinden, kan een andere misschien wel.
Zorg er ook voor dat je virusscanner die op je systeem geïnstalleerd is altijd up to date is!!
En... geregeld eens een bezoekje brengen aan: http://windowsupdate.microsoft.com/
Bekijk ook eens deze 2 filmpjes.. Heel interessant:
http://www2.trosradar.nl/mediaplayer/player.php?videoID=524&mode=dossier#
http://www.benedelman.org/spyware/security-111804.wmv
Meer preventietips zijn ook op volgende sites te vinden:
http://www.bluemedicine.be
http://users.telenet.be/marcvn/spyware
How did I get infected in the first place (http://castlecops.com/postitle7736-0-0-.html) (article by TonyKlein)
Het voorkomen van spyware-infecties en browserhijacking (http://www.antispywareoffensief.nl/forum/showthread.php?t=55)
|
|