fener33
Gebruiker
- Lid geworden
- 5 jun 2004
- Berichten
- 318
hoi buffy of hans
een vriend van mij. heeft vreselijke problemen met spyware. waardoor hij een langzame pc heeft. ad-aware se en virus controller en cw-shrreder zijn er over geweest
nou nog de rest.
Logfile of HijackThis v1.98.2
Scan saved at 18:41:44, on 13-9-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TDK Systems\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TDKSYS~1\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TDK Systems\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\TDKSYS~1\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TDK Systems\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\TDKSYS~1\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Michel\My Documents\Mijn ontvangen bestanden\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.starwars.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cruhuacgspstvt.net/M257HstmSIxKisfvawDx5apGn0wqg5im7VeIp4zUwuiLz6YADdhzuVQOE7sqdHhv.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7D42CF6A-7F73-20A3-556D-A1632E206197} - C:\PROGRA~1\METAEQ~1\Slow Army.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [playexit] C:\PROGRA~1\OKAYBL~1\UserTrans.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [README BEEP PHONE COAL] C:\Documents and Settings\All Users\Application Data\Meow Drive Readme Beep\Okay cake.exe
O4 - HKLM\..\Run: [DPMApp] "C:\Program Files\Philips Speech\DPMApp.exe" /h
O4 - HKLM\..\RunOnce: [AAW] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [StartPage] C:\windows\rundll32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab
O16 - DPF: {09CAC315-9D88-42AA-11A2-7EA86BE207FB} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {0ECE9869-B93F-06E4-505C-2010166B51B7} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://195.225.177.13/11225/online.chm::/on-line.exe
O16 - DPF: {117D3316-6BE7-75CC-5A96-15832FD9B98B} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {12D5B3BE-8CAD-59BA-4661-72F376C15052} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {18153E2D-6E82-2748-1EB0-26C52AB920EA} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {1A0EDC84-2F6B-4AB9-89BC-5B942B27CAAD} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {30CE93AE-4987-483C-9ABE-F2BD5301AB70} - http://64.158.165.147/060570/nl/adult1/adult1.exe
O16 - DPF: {3A0BF10E-BE50-158A-017F-1E34430E1A56} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {3D84B3BD-D2F7-2D5D-2FD1-58415CC66785} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {54D5AB3B-2B2A-3DA2-2C1C-77820713F80E} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06d05e81772e6bfffb05/netzip/RdxIE601.cab
O16 - DPF: {571B3855-047D-7FC8-C94D-61853547E8E5} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {5DC97101-0FAE-7DE8-D541-603A054C1029} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {7448FBBA-A76F-0765-4E37-466702B29E93} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {79EBF2DF-2636-29D0-C846-54E31D7C2CB9} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
een vriend van mij. heeft vreselijke problemen met spyware. waardoor hij een langzame pc heeft. ad-aware se en virus controller en cw-shrreder zijn er over geweest
nou nog de rest.
Logfile of HijackThis v1.98.2
Scan saved at 18:41:44, on 13-9-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TDK Systems\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TDKSYS~1\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TDK Systems\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\TDKSYS~1\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TDK Systems\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\PROGRA~1\TDKSYS~1\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Michel\My Documents\Mijn ontvangen bestanden\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.starwars.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cruhuacgspstvt.net/M257HstmSIxKisfvawDx5apGn0wqg5im7VeIp4zUwuiLz6YADdhzuVQOE7sqdHhv.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7D42CF6A-7F73-20A3-556D-A1632E206197} - C:\PROGRA~1\METAEQ~1\Slow Army.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [playexit] C:\PROGRA~1\OKAYBL~1\UserTrans.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [README BEEP PHONE COAL] C:\Documents and Settings\All Users\Application Data\Meow Drive Readme Beep\Okay cake.exe
O4 - HKLM\..\Run: [DPMApp] "C:\Program Files\Philips Speech\DPMApp.exe" /h
O4 - HKLM\..\RunOnce: [AAW] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [StartPage] C:\windows\rundll32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab
O16 - DPF: {09CAC315-9D88-42AA-11A2-7EA86BE207FB} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {0ECE9869-B93F-06E4-505C-2010166B51B7} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://195.225.177.13/11225/online.chm::/on-line.exe
O16 - DPF: {117D3316-6BE7-75CC-5A96-15832FD9B98B} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {12D5B3BE-8CAD-59BA-4661-72F376C15052} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {18153E2D-6E82-2748-1EB0-26C52AB920EA} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {1A0EDC84-2F6B-4AB9-89BC-5B942B27CAAD} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {30CE93AE-4987-483C-9ABE-F2BD5301AB70} - http://64.158.165.147/060570/nl/adult1/adult1.exe
O16 - DPF: {3A0BF10E-BE50-158A-017F-1E34430E1A56} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {3D84B3BD-D2F7-2D5D-2FD1-58415CC66785} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {54D5AB3B-2B2A-3DA2-2C1C-77820713F80E} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/06d05e81772e6bfffb05/netzip/RdxIE601.cab
O16 - DPF: {571B3855-047D-7FC8-C94D-61853547E8E5} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {5DC97101-0FAE-7DE8-D541-603A054C1029} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {7448FBBA-A76F-0765-4E37-466702B29E93} - http://66.117.42.151/1/rdgNL19.exe
O16 - DPF: {79EBF2DF-2636-29D0-C846-54E31D7C2CB9} - http://66.117.42.151/1/gdnNL19.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab