ScoobyDoo11
Gebruiker
- Lid geworden
- 3 mrt 2002
- Berichten
- 165
Logfile of HijackThis v1.98.2
Scan saved at 14:47:38, on 5-11-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Tjeerd\Bureaublad\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - _{1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)
R3 - URLSearchHook: (no name) - _{12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
R3 - URLSearchHook: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O2 - BHO: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O2 - BHO: Richfind - {3B1654C5-BB98-4F18-922C-D5C05670041D} - C:\WINDOWS\System32\Q1149953.dll (file missing)
O2 - BHO: IEHelper - {eb17a0aa-6ce3-4492-ba42-5c3bbb7caf63} - C:\WINDOWS\System32\Q888948.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: win32 - {C94158E1-6151-4442-ABE6-FD53D6534EFB} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\win32.dll
O3 - Toolbar: Richfind - {B1B5BF6D-7F32-463A-9FE7-A0612BE58EEE} - C:\WINDOWS\System32\Q1149953.dll (file missing)
O3 - Toolbar: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O9 - Extra button: Richfind - {B1B5BF6D-7F32-463A-9FE7-A0612BE58EEE} - C:\WINDOWS\System32\Q1149953.dll (file missing)
O9 - Extra button: Richfind - {DCE75E0E-A5E6-4C83-8955-C23427B8B7CE} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - http://toolbar.isearch.com/general/drm.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_42.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712...com/downloads/player/Install2.5/Installer.exe
O16 - DPF: {C94158E1-6151-4442-ABE6-FD53D6534EFB} (win32) - http://searchfind.info/bar/win32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{586CE704-C56D-4919-BA43-DDF1CFB5A18C}: NameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{A66D6531-03D3-4C08-9E25-89FABE9D38AB}: NameServer = 10.0.0.138
O18 - Filter: text/html - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll
O18 - Filter: text/plain - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll
Scan saved at 14:47:38, on 5-11-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Tjeerd\Bureaublad\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - _{1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)
R3 - URLSearchHook: (no name) - _{12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
R3 - URLSearchHook: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O2 - BHO: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O2 - BHO: Richfind - {3B1654C5-BB98-4F18-922C-D5C05670041D} - C:\WINDOWS\System32\Q1149953.dll (file missing)
O2 - BHO: IEHelper - {eb17a0aa-6ce3-4492-ba42-5c3bbb7caf63} - C:\WINDOWS\System32\Q888948.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: win32 - {C94158E1-6151-4442-ABE6-FD53D6534EFB} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\win32.dll
O3 - Toolbar: Richfind - {B1B5BF6D-7F32-463A-9FE7-A0612BE58EEE} - C:\WINDOWS\System32\Q1149953.dll (file missing)
O3 - Toolbar: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O9 - Extra button: Richfind - {B1B5BF6D-7F32-463A-9FE7-A0612BE58EEE} - C:\WINDOWS\System32\Q1149953.dll (file missing)
O9 - Extra button: Richfind - {DCE75E0E-A5E6-4C83-8955-C23427B8B7CE} - C:\WINDOWS\System32\Q9936127.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - http://toolbar.isearch.com/general/drm.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_42.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712...com/downloads/player/Install2.5/Installer.exe
O16 - DPF: {C94158E1-6151-4442-ABE6-FD53D6534EFB} (win32) - http://searchfind.info/bar/win32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{586CE704-C56D-4919-BA43-DDF1CFB5A18C}: NameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{A66D6531-03D3-4C08-9E25-89FABE9D38AB}: NameServer = 10.0.0.138
O18 - Filter: text/html - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll
O18 - Filter: text/plain - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q9936127.dll
