Mededeling

Collapse
No announcement yet.

luuk

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    luuk

    Logfile of HijackThis v1.98.2
    Scan saved at 11:19:12, on 19-9-2004
    Platform: Windows 2000 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\System32\r_server.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\Explorer.exe
    C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
    C:\WINNT\System32\carpserv.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\WINNT\System32\szxftk.exe
    C:\WINNT\System32\P2P Networking\P2P Networking.exe
    C:\WINNT\System32\iexplore32.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\dSL.exe
    C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\oN5t.exe
    C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
    C:\WINNT\System32\dp-him.exe
    C:\WINNT\System32\glmepl40.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\k41xP.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\KC9KU.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\b.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\D.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\hPUPVJzWC.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\K9UrvG.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\uJ.exe
    C:\WINNT\System32\IEHost.exe
    C:\WINNT\systray.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\RbJXL45.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\0pbACYp.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\qHsLtQMFL.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\sn.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\FDqT.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\0eE.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\GcLq.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\QKq.exe
    C:\WINNT\System32\rundll32.exe
    C:\WINNT\uptodate.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\H.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\9NupoG8.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\0was8y.exe
    C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\SOie4S9ns.exe
    C:\Program Files\AutoUpdate\AutoUpdate.exe
    C:\WINNT\System32\internat.exe
    C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
    C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
    C:\Program Files\DR_S\DR_S.exe
    C:\WINNT\System32\gpkuserr.exe
    C:\WINNT\System32\RUNDLL32.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINNT\System32\rundll32.exe
    C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
    C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
    C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
    C:\Program Files\SeeStorm\SSM\SSMtray.exe
    C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
    C:\Program Files\MicroStar\Bluetooth Software\BTStackServer.exe
    C:\Program Files\Kazaa Lite K++\KazaaLite.kpp
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\aMawQ.exe
    C:\WINNT\System32\BuhgfaH.exe
    C:\WINNT\System32\NrsmM36.exe
    C:\WINNT\System32\IEHost.exe
    C:\hijack this\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.searchtraffic.com/search.php3?l=protect1&term=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchtraffic.com/search.php3?l=protect1&term=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchtraffic.com/search.php3?l=protect1&term=
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchforit.com/searchbar
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchtraffic.com/search.php3?l=protect1&term=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchtraffic.com/search.php3?l=protect1&term=
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
    O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINNT\systb.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: ohb Class - {086CEFD5-A88D-4981-8915-D51F04360ED1} - C:\WINNT\System32\winhot32.dll
    O2 - BHO: iSearch Toolbar - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - C:\WINNT\System32\toolbar.dll
    O2 - BHO: Search Toolbar BHO Object - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINNT\System32\stlbdist.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: ReplaceSearchCtl Class - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINNT\System32\replaceSearch.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll
    O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Do***ents and Settings\alferink.ALFERINK-X13M4Y\Local Settings\Temp\m4um.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: HotSearchBar.com Bar - {8B224779-3B0E-4FEA-8AE1-B66C20DD840F} - C:\WINNT\System32\winhot32.dll
    O3 - Toolbar: iSearch Toolbar - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - C:\WINNT\System32\toolbar.dll
    O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Search - {2CF0B992-5EEB-4143-99C0-5297EF71F444} - C:\WINNT\System32\stlbdist.DLL
    O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [tvpkuraxrpoc] C:\WINNT\System32\szxftk.exe
    O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe
    O4 - HKLM\..\Run: [Microsoft Internet Explorer Add-In Manager] C:\WINNT\SYSTEM32\msiexplore.exe
    O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [UsbD] C:\WINNT\System32\iexplore32.exe
    O4 - HKLM\..\Run: [dSL] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\dSL.exe
    O4 - HKLM\..\Run: [oN5t] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\oN5t.exe
    O4 - HKLM\..\Run: [Dsi] C:\WINNT\System32\dp-him.exe
    O4 - HKLM\..\Run: [3s6U3nX] glmepl40.exe
    O4 - HKLM\..\Run: [k41xP] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\k41xP.exe
    O4 - HKLM\..\Run: [KC9KU] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\KC9KU.exe
    O4 - HKLM\..\Run: [b] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\b.exe
    O4 - HKLM\..\Run: [D] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\D.exe
    O4 - HKLM\..\Run: [hPUPVJzWC] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\hPUPVJzWC.exe
    O4 - HKLM\..\Run: [K9UrvG] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\K9UrvG.exe
    O4 - HKLM\..\Run: [OSS] C:\WINNT\system32\ossproxy.exe -boot
    O4 - HKLM\..\Run: [uJ] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\uJ.exe
    O4 - HKLM\..\Run: [Bakra] C:\WINNT\System32\IEHost.exe
    O4 - HKLM\..\Run: [4PR9F2W39AMQMM] C:\WINNT\System32\Fah1q6.exe
    O4 - HKLM\..\Run: [System] C:\WINNT\systray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RbJXL45] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\RbJXL45.exe
    O4 - HKLM\..\Run: [0pbACYp] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\0pbACYp.exe
    O4 - HKLM\..\Run: [qHsLtQMFL] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\qHsLtQMFL.exe
    O4 - HKLM\..\Run: [sn] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\sn.exe
    O4 - HKLM\..\Run: [FDqT] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\FDqT.exe
    O4 - HKLM\..\Run: [0eE] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\0eE.exe
    O4 - HKLM\..\Run: [GcLq] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\GcLq.exe
    O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
    O4 - HKLM\..\Run: [QKq] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\QKq.exe
    O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINNT\System32\stlbdist.DLL,DllRunMain
    O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINNT\uptodate.exe
    O4 - HKLM\..\Run: [H] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\H.exe
    O4 - HKLM\..\Run: [9NupoG8] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\9NupoG8.exe
    O4 - HKLM\..\Run: [0was8y] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\0was8y.exe
    O4 - HKLM\..\Run: [SOie4S9ns] C:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\SOie4S9ns.exe
    O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
    O4 - HKLM\..\Run: [aMawQ] c:\do***ents and settings\alferink.alferink-x13m4y\local settings\temp\aMawQ.exe
    O4 - HKLM\..\RunServices: [Generic Service Process] regsvc32.exe
    O4 - HKCU\..\Run: [internat.exe] internat.exe
    O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [STManager] C:/Program Files/SpeedTouch/Dr SpeedTouch/drst.exe -b
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
    O4 - HKCU\..\Run: [ClockSync] "C:\PROGRA~1\CLOCKS~1\Sync.exe" /q
    O4 - HKCU\..\Run: [Microsoft Internet Explorer Add-In Manager] C:\WINNT\SYSTEM32\msiexplore.exe
    O4 - HKCU\..\Run: [IBp8Rhb6W] gpkuserr.exe
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: BTTray.lnk = C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
    O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
    O4 - Global Startup: Enable Wireless Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: SeeStorm Messenger.lnk = C:\Program Files\SeeStorm\SSM\SSMtray.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &IE Toolbar search - res://C:\WINNT\System32\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINNT\System32\ms.exe
    O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINNT\System32\ms.exe
    O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
    O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab
    O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://www.free32.com/POP.CHM::/sp.exe
    O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} (iSearch Toolbar) - http://toolbar.isearch.com/general/drm.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
    O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://www.oyunfabrikasi.com/nl/2/060187nl.exe
    O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
    O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
    O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/nl/games4.cab
    O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} (iiittt Class) - http://hotsearchbar.com/toolbar2/winhot32.cab
    O16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} - http://www.adshooter.com/pop_shooter/install/win2000/SYSsfitb.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v6.cab
    O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} - http://install.power-url.de/StarInstall.ocx
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
    O18 - Filter: text/html - {D7A6E75E-9385-448C-9223-5AEA30F8D6AB} - C:\Do***ents and Settings\alferink.ALFERINK-X13M4Y\Local Settings\Application Data\microsoft\internet explorer\V0.21.dat
    Labels: Geen
    • Citaat
  • #2
    Hoi Luuk,

    Dat ziet er niet bepaald fris uit...

    Draai eerst de programma's Ad Aware en Spybot S&D zoals hier beschreven:

    Nucia Security Forums
    http://www.nucia.eu/forum/showthread.php?t=12
    • Citaat

    Comment

    • #3
      Oorspronkelijk geplaatst door [email protected]
      Hoi Luuk,

      Dat ziet er niet bepaald fris uit...

      Draai eerst de programma's Ad Aware en Spybot S&D zoals hier beschreven:

      http://www.nucia.eu/forum/showthread.php?t=12
      Hoi Hans

      Ik zal het er wel ff overheen gooien en dan een nieuwe sturen. Maar ik heb het laatst nog gedaan dus veel zal er wel niet verschillen. Over een minuutje of 10 staat het er wel.

      luuk

      ADMIN EDIT: Gebruik aub wat beter Nederlands, is ook wat makkelijker voor mij te lezen END AMDIN EDIT
      Last edited by [email protected]; 19-09-04, 10:47. Reden: Slecht Nederlands verbeterd
      • Citaat

      Comment

      • #4
        Logfile of HijackThis v1.98.2
        Scan saved at 11:56:26, on 19-9-2004
        Platform: Windows 2000 (WinNT 5.00.2195)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINNT\System32\smss.exe
        C:\WINNT\system32\winlogon.exe
        C:\WINNT\system32\services.exe
        C:\WINNT\system32\lsass.exe
        C:\WINNT\system32\svchost.exe
        C:\WINNT\system32\spoolsv.exe
        C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
        C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
        C:\WINNT\System32\svchost.exe
        C:\WINNT\system32\hidserv.exe
        C:\WINNT\System32\nvsvc32.exe
        C:\WINNT\system32\regsvc.exe
        C:\WINNT\System32\r_server.exe
        C:\WINNT\system32\MSTask.exe
        C:\WINNT\system32\stisvc.exe
        C:\WINNT\System32\WBEM\WinMgmt.exe
        C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
        C:\WINNT\System32\mspmspsv.exe
        C:\WINNT\Explorer.exe
        C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
        C:\WINNT\System32\carpserv.exe
        C:\Program Files\Messenger Plus! 3\MsgPlus.exe
        C:\WINNT\System32\szxftk.exe
        C:\WINNT\System32\P2P Networking\P2P Networking.exe
        C:\WINNT\System32\iexplore32.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\dSL.exe
        C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\oN5t.exe
        C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
        C:\WINNT\System32\glmepl40.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\k41xP.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\KC9KU.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\b.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\D.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\hPUPVJzWC.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\K9UrvG.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\uJ.exe
        C:\WINNT\systray.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\RbJXL45.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0pbACYp.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\qHsLtQMFL.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\sn.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\FDqT.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0eE.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\GcLq.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\QKq.exe
        C:\WINNT\System32\rundll32.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\H.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\9NupoG8.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0was8y.exe
        C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\SOie4S9ns.exe
        C:\WINNT\System32\internat.exe
        C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
        C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
        C:\Program Files\DR_S\DR_S.exe
        C:\WINNT\System32\gpkuserr.exe
        C:\WINNT\System32\RUNDLL32.EXE
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\WINNT\System32\rundll32.exe
        C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
        C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
        C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
        C:\Program Files\SeeStorm\SSM\SSMtray.exe
        C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
        C:\Program Files\MicroStar\Bluetooth Software\BTStackServer.exe
        C:\Program Files\Kazaa Lite K++\KazaaLite.kpp
        C:\Program Files\Internet Explorer\iexplore.exe
        c:\documents and settings\alferink.alferink-x13m4y\local settings\temp\aMawQ.exe
        C:\WINNT\System32\BuhgfaH.exe
        C:\WINNT\System32\NrsmM36.exe
        C:\Program Files\McAfee\McAfee VirusScan\VsMain.exe
        C:\Program Files\McAfee\McAfee VirusScan\AlogServ.exe
        C:\hijack this\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.searchtraffic.com/search.php3?l=protect1&term=
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchtraffic.com/search.php3?l=protect1&term=
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchtraffic.com/search.php3?l=protect1&term=
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchforit.com/searchbar
        R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchtraffic.com/search.php3?l=protect1&term=
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchtraffic.com/search.php3?l=protect1&term=
        R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
        O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINNT\systb.dll (file missing)
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
        O2 - BHO: ohb Class - {086CEFD5-A88D-4981-8915-D51F04360ED1} - C:\WINNT\System32\winhot32.dll
        O2 - BHO: iSearch Toolbar - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - C:\WINNT\System32\toolbar.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: ReplaceSearchCtl Class - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINNT\System32\replaceSearch.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
        O2 - BHO: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll
        O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\alferink.ALFERINK-X13M4Y\Local Settings\Temp\m4um.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
        O3 - Toolbar: HotSearchBar.com Bar - {8B224779-3B0E-4FEA-8AE1-B66C20DD840F} - C:\WINNT\System32\winhot32.dll
        O3 - Toolbar: iSearch Toolbar - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - C:\WINNT\System32\toolbar.dll
        O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
        O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll
        O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
        O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
        O4 - HKLM\..\Run: [CARPService] carpserv.exe
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
        O4 - HKLM\..\Run: [tvpkuraxrpoc] C:\WINNT\System32\szxftk.exe
        O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe
        O4 - HKLM\..\Run: [Microsoft Internet Explorer Add-In Manager] C:\WINNT\SYSTEM32\msiexplore.exe
        O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
        O4 - HKLM\..\Run: [UsbD] C:\WINNT\System32\iexplore32.exe
        O4 - HKLM\..\Run: [dSL] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\dSL.exe
        O4 - HKLM\..\Run: [oN5t] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\oN5t.exe
        O4 - HKLM\..\Run: [Dsi] C:\WINNT\System32\dp-him.exe
        O4 - HKLM\..\Run: [3s6U3nX] glmepl40.exe
        O4 - HKLM\..\Run: [k41xP] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\k41xP.exe
        O4 - HKLM\..\Run: [KC9KU] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\KC9KU.exe
        O4 - HKLM\..\Run: [b] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\b.exe
        O4 - HKLM\..\Run: [D] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\D.exe
        O4 - HKLM\..\Run: [hPUPVJzWC] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\hPUPVJzWC.exe
        O4 - HKLM\..\Run: [K9UrvG] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\K9UrvG.exe
        O4 - HKLM\..\Run: [OSS] C:\WINNT\system32\ossproxy.exe -boot
        O4 - HKLM\..\Run: [uJ] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\uJ.exe
        O4 - HKLM\..\Run: [Bakra] C:\WINNT\System32\IEHost.exe
        O4 - HKLM\..\Run: [4PR9F2W39AMQMM] C:\WINNT\System32\Fah1q6.exe
        O4 - HKLM\..\Run: [System] C:\WINNT\systray.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [RbJXL45] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\RbJXL45.exe
        O4 - HKLM\..\Run: [0pbACYp] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0pbACYp.exe
        O4 - HKLM\..\Run: [qHsLtQMFL] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\qHsLtQMFL.exe
        O4 - HKLM\..\Run: [sn] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\sn.exe
        O4 - HKLM\..\Run: [FDqT] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\FDqT.exe
        O4 - HKLM\..\Run: [0eE] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0eE.exe
        O4 - HKLM\..\Run: [GcLq] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\GcLq.exe
        O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
        O4 - HKLM\..\Run: [QKq] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\QKq.exe
        O4 - HKLM\..\Run: [H] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\H.exe
        O4 - HKLM\..\Run: [9NupoG8] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\9NupoG8.exe
        O4 - HKLM\..\Run: [0was8y] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0was8y.exe
        O4 - HKLM\..\Run: [SOie4S9ns] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\SOie4S9ns.exe
        O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
        O4 - HKLM\..\Run: [aMawQ] c:\documents and settings\alferink.alferink-x13m4y\local settings\temp\aMawQ.exe
        O4 - HKLM\..\RunServices: [Generic Service Process] regsvc32.exe
        O4 - HKCU\..\Run: [internat.exe] internat.exe
        O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
        O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
        O4 - HKCU\..\Run: [STManager] C:/Program Files/SpeedTouch/Dr SpeedTouch/drst.exe -b
        O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
        O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
        O4 - HKCU\..\Run: [ClockSync] "C:\PROGRA~1\CLOCKS~1\Sync.exe" /q
        O4 - HKCU\..\Run: [Microsoft Internet Explorer Add-In Manager] C:\WINNT\SYSTEM32\msiexplore.exe
        O4 - HKCU\..\Run: [IBp8Rhb6W] gpkuserr.exe
        O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
        O4 - Global Startup: BTTray.lnk = C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
        O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
        O4 - Global Startup: Enable Wireless Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: SeeStorm Messenger.lnk = C:\Program Files\SeeStorm\SSM\SSMtray.exe
        O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
        O8 - Extra context menu item: &IE Toolbar search - res://C:\WINNT\System32\toolbar.dll/SEARCH.HTML
        O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
        O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
        O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
        O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINNT\System32\ms.exe
        O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINNT\System32\ms.exe
        O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
        O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
        O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab
        O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://www.free32.com/POP.CHM::/sp.exe
        O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} (iSearch Toolbar) - http://toolbar.isearch.com/general/drm.cab
        O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
        O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
        O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
        O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
        O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://www.oyunfabrikasi.com/nl/2/060187nl.exe
        O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
        O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
        O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/nl/games4.cab
        O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} (iiittt Class) - http://hotsearchbar.com/toolbar2/winhot32.cab
        O16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} - http://www.adshooter.com/pop_shooter/install/win2000/SYSsfitb.cab
        O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v6.cab
        O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} - http://install.power-url.de/StarInstall.ocx
        O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
        O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
        O18 - Filter: text/html - {D7A6E75E-9385-448C-9223-5AEA30F8D6AB} - C:\Documents and Settings\alferink.ALFERINK-X13M4Y\Local Settings\Application Data\microsoft\internet explorer\V0.21.dat
        • Citaat

        Comment

        • #5
          Goed, die hebben we dus gedraaid.

          Download nu: CleanUp!

          Draai CleanUp!, met ALLE andere vensters en browsers gesloten.

          Start opnieuw op in veilige modus door diverse malen op F8 te drukken tijdens het opstarten, en draai CleanUp! opnieuw.

          Start nu weer opnieuw op in normale modus, maak een nieuw logje aan met HijackThis, en post dat hier.
          • Citaat

          Comment

          • #6
            hoi hans ik kan niet in veilige modus komen heel *** maar lukt niet dus ik stuur nog ff 1 keer die log oke

            Logfile of HijackThis v1.98.2
            Scan saved at 20:29:03, on 20-9-2004
            Platform: Windows 2000 (WinNT 5.00.2195)
            MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

            Running processes:
            C:\WINNT\System32\smss.exe
            C:\WINNT\system32\winlogon.exe
            C:\WINNT\system32\services.exe
            C:\WINNT\system32\lsass.exe
            C:\WINNT\system32\svchost.exe
            C:\WINNT\system32\spoolsv.exe
            C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
            C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
            C:\WINNT\System32\svchost.exe
            C:\WINNT\system32\hidserv.exe
            C:\WINNT\System32\nvsvc32.exe
            C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
            C:\WINNT\system32\regsvc.exe
            C:\WINNT\System32\r_server.exe
            C:\WINNT\system32\MSTask.exe
            C:\WINNT\system32\stisvc.exe
            C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
            C:\WINNT\System32\WBEM\WinMgmt.exe
            C:\WINNT\Explorer.exe
            C:\WINNT\System32\mspmspsv.exe
            C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
            C:\WINNT\systray.exe
            C:\Program Files\Messenger Plus! 3\MsgPlus.exe
            C:\WINNT\System32\carpserv.exe
            C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
            C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
            C:\WINNT\System32\internat.exe
            C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
            C:\WINNT\System32\RUNDLL32.EXE
            C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
            C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
            C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
            C:\WINNT\System32\rundll32.exe
            C:\Program Files\MSN Messenger\msnmsgr.exe
            C:\Program Files\MicroStar\Bluetooth Software\BTStackServer.exe
            C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
            C:\WINNT\System32\WscW.exe
            C:\WINNT\System32\JmkzKUg.exe
            C:\hijack this\HijackThis.exe

            R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.searchtraffic.com/search.php3?l=protect1&term==
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchtraffic.com/search.php3?l=protect1&term==
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchtraffic.com/search.php3?l=protect1&term==
            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchforit.com/searchbar
            R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchtraffic.com/search.php3?l=protect1&term==
            R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchtraffic.com/search.php3?l=protect1&term=
            R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.startpagina.nl/
            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
            O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
            O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINNT\systb.dll (file missing)
            O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
            O2 - BHO: ohb Class - {086CEFD5-A88D-4981-8915-D51F04360ED1} - C:\WINNT\System32\winhot32.dll (file missing)
            O2 - BHO: iSearch Toolbar - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - C:\WINNT\System32\toolbar.dll (file missing)
            O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
            O2 - BHO: ReplaceSearchCtl Class - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINNT\System32\replaceSearch.dll (file missing)
            O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
            O2 - BHO: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll (file missing)
            O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\alferink.ALFERINK-X13M4Y\Local Settings\Temp\m4um.dll (file missing)
            O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
            O3 - Toolbar: (no name) - {8B224779-3B0E-4FEA-8AE1-B66C20DD840F} - (no file)
            O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
            O3 - Toolbar: iSearch Toolbar - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - C:\WINNT\System32\toolbar.dll (file missing)
            O3 - Toolbar: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll (file missing)
            O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
            O4 - HKLM\..\Run: [4PR9F2W39AMQMM] C:\WINNT\System32\Fah1q6.exe
            O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
            O4 - HKLM\..\Run: [KC9KU] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\KC9KU.exe
            O4 - HKLM\..\Run: [Microsoft Internet Explorer Add-In Manager] C:\WINNT\SYSTEM32\msiexplore.exe
            O4 - HKLM\..\Run: [aMawQ] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\aMawQ.exe
            O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe
            O4 - HKLM\..\Run: [k41xP] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\k41xP.exe
            O4 - HKLM\..\Run: [3s6U3nX] glmepl40.exe
            O4 - HKLM\..\Run: [RbJXL45] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\RbJXL45.exe
            O4 - HKLM\..\Run: [b] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\b.exe
            O4 - HKLM\..\Run: [hPUPVJzWC] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\hPUPVJzWC.exe
            O4 - HKLM\..\Run: [0was8y] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0was8y.exe
            O4 - HKLM\..\Run: [tvpkuraxrpoc] C:\WINNT\System32\szxftk.exe
            O4 - HKLM\..\Run: [GcLq] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\GcLq.exe
            O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
            O4 - HKLM\..\Run: [K9UrvG] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\K9UrvG.exe
            O4 - HKLM\..\Run: [uJ] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\uJ.exe
            O4 - HKLM\..\Run: [H] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\H.exe
            O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
            O4 - HKLM\..\Run: [Dsi] C:\WINNT\System32\dp-him.exe
            O4 - HKLM\..\Run: [UsbD] C:\WINNT\System32\iexplore32.exe
            O4 - HKLM\..\Run: [qHsLtQMFL] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\qHsLtQMFL.exe
            O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
            O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
            O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
            O4 - HKLM\..\Run: [oN5t] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\oN5t.exe
            O4 - HKLM\..\Run: [System] C:\WINNT\systray.exe
            O4 - HKLM\..\Run: [SOie4S9ns] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\SOie4S9ns.exe
            O4 - HKLM\..\Run: [FDqT] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\FDqT.exe
            O4 - HKLM\..\Run: [0pbACYp] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0pbACYp.exe
            O4 - HKLM\..\Run: [dSL] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\dSL.exe
            O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
            O4 - HKLM\..\Run: [D] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\D.exe
            O4 - HKLM\..\Run: [OSS] C:\WINNT\system32\ossproxy.exe -boot
            O4 - HKLM\..\Run: [sn] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\sn.exe
            O4 - HKLM\..\Run: [0eE] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\0eE.exe
            O4 - HKLM\..\Run: [CARPService] carpserv.exe
            O4 - HKLM\..\Run: [9NupoG8] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\9NupoG8.exe
            O4 - HKLM\..\Run: [QKq] C:\documents and settings\alferink.alferink-x13m4y\local settings\temp\QKq.exe
            O4 - HKLM\..\RunServices: [Generic Service Process] regsvc32.exe
            O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
            O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
            O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
            O4 - HKCU\..\Run: [internat.exe] internat.exe
            O4 - HKCU\..\Run: [STManager] C:/Program Files/SpeedTouch/Dr SpeedTouch/drst.exe -b
            O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit
            O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
            O4 - HKCU\..\Run: [ClockSync] "C:\PROGRA~1\CLOCKS~1\Sync.exe" /q
            O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
            O4 - HKCU\..\Run: [Microsoft Internet Explorer Add-In Manager] C:\WINNT\SYSTEM32\msiexplore.exe
            O4 - HKCU\..\Run: [IBp8Rhb6W] gpkuserr.exe
            O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
            O4 - HKCU\..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe /WindowsRestart
            O4 - Global Startup: BTTray.lnk = C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
            O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
            O4 - Global Startup: Enable Wireless Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
            O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
            O4 - Global Startup: SeeStorm Messenger.lnk = C:\Program Files\SeeStorm\SSM\SSMtray.exe
            O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
            O8 - Extra context menu item: &IE Toolbar search - res://C:\WINNT\System32\toolbar.dll/SEARCH.HTML
            O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
            O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
            O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
            O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINNT\System32\ms.exe
            O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINNT\System32\ms.exe
            O10 - Broken Internet access because of LSP provider 'xfire_lsp_9028.dll' missing
            O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
            O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab
            O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} (iSearch Toolbar) - http://toolbar.isearch.com/general/drm.cab
            O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
            O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
            O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
            O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
            O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://www.oyunfabrikasi.com/nl/2/060187nl.exe
            O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
            O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
            O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
            O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/nl/games4.cab
            O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} (iiittt Class) - http://hotsearchbar.com/toolbar2/winhot32.cab
            O16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} - http://www.adshooter.com/pop_shooter/install/win2000/SYSsfitb.cab
            O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v6.cab
            O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} - http://install.power-url.de/StarInstall.ocx
            O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
            O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
            O18 - Filter: text/html - {D7A6E75E-9385-448C-9223-5AEA30F8D6AB} - C:\Documents and Settings\alferink.ALFERINK-X13M4Y\Local Settings\Application Data\microsoft\internet explorer\V0.21.dat

            ik weet dat de log een beetje aan de grote kant is. maar zou je me willen helpen
            luuk
            Last edited by [email protected]; 22-09-04, 21:06.
            • Citaat

            Comment

            • #7
              Is een format hier geen optie?
              • Citaat

              Comment

              Vorige template Volgende
              Sorry, you are not authorized to view this page
              Working...
              X