Hoi Benny,
Dank voor je reactie.
Hierbij na het fix'en, het nieuwe logfile van hijack:
Logfile of HijackThis v1.97.3
Scan saved at 17:38:50, on 12-10-2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\VIRUSP~1\avgserv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Trojan en virus pr\Firewall\PavFires.exe
C:\Program Files\Trojan en virus pr\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Trojan en virus pr\AVENGINE.EXE
C:\Program Files\Trojan en virus pr\apvxdwin.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\VIRUSP~1\avgcc32.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Anti-Trojan-55\ATWatch.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Trojan en virus prWebroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Trojan en virus pr\pavProxy.exe
C:\Program Files\Zonelab\ZoneAlarm\zonealarm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Ad-aware 6\Ad-aware.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Cynthia\Local Settings\Temp\Tijdelijke map 1 voor hijackthis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ad.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.euro.dell.com/countries/nl/nld/gen/default.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ad.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\VIRUSP~1\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Anti-Trojan-Watch] C:\Program Files\Anti-Trojan-55\ATWatch.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Trojan en virus pr\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Trojan en virus pr\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Trojan en virus prWebroot\Spy Sweeper\SpySweeper.exe /0
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zonelab\ZoneAlarm\zonealarm.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra 'Tools' menuitem: Launch Copernic Agent (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: Copernic Agent (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52...ple.com/drakken/nl/win/QuickTimeInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,73/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://207.188.7.150/170fe450e6914d3fa105/netzip/RdxIE601.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) -
http://a840.g.akamai.net/7/840/537/76808a0e7ae82f/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.installengine.com/engine/isetup.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) -
http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4297/mcfscan.cab
* Taakbalk en buroblad reageren nog steeds niet.
* Ad-aware blijft melding geven over 2 trojans, waarbij hieronder de logfile.
* I.e. blijft melding geven zodra ik deze opstart over fout, het lijkt wanneer dit schermpje op-pupt de tramalant begint.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :zondag 12 oktober 2003 17:34:11
Created with Ad-aware Personal, free for private use.
Using reference-file :01R224 06.10.2003
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
12-10-2003 17:34:11 - Scan started. (Custom mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 12-10-2003 15:30:25
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:26
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:27
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services en controllertoepassingen
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Besturingssysteem Microsoft
Created on : 30-9-2002 15:13:04
Last accessed : 12-10-2003 15:30:45
Last modified : 30-9-2002 15:13:04
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:27
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 30-9-2002 15:00:07
Last accessed : 12-10-2003 15:01:54
Last modified : 30-9-2002 15:00:07
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:27
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 30-9-2002 15:16:28
Last accessed : 12-10-2003 15:31:05
Last modified : 30-9-2002 15:16:28
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:30:27
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 30-9-2002 15:16:28
Last accessed : 12-10-2003 15:31:05
Last modified : 30-9-2002 15:16:28
#:7 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:28
BasePriority : Normal
FileSize : 296 KB
FileVersion : 8.09
ProductVersion : 8.09
Copyright : (C) 1993 - 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
OriginalFilename : LexBceS.exe
ProductName : MarkVision for Windows (32 bit)
Created on : 16-12-2002 11:04:41
Last accessed : 12-10-2003 15:01:54
Last modified : 16-12-2002 11:04:41
#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:28
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 30-9-2002 15:15:33
Last accessed : 12-10-2003 15:01:54
Last modified : 30-9-2002 15:15:33
#:9 [lexpps.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 12-10-2003 15:30:29
BasePriority : Normal
FileSize : 170 KB
FileVersion : 8.09
ProductVersion : 8.09
Copyright : (C) 1993 - 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
OriginalFilename : LEXPPS.EXE
ProductName : MarkVision for Windows (32 bit)
Created on : 16-12-2002 11:01:56
Last accessed : 12-10-2003 15:01:54
Last modified : 16-12-2002 11:01:56
#:10 [avgserv.exe]
FilePath : C:\PROGRA~1\VIRUSP~1\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 20 KB
FileVersion : 6.0.1.9
ProductVersion : 6.0.1.9
Copyright : Copyright (c) GRISOFT(c) SOFTWARE 1998-2001
CompanyName : GRISOFT(c) SOFTWARE s.r.o
FileDescription : AvgServ - displays notification message
InternalName : AvgServ
OriginalFilename : AvgServ
ProductName : AVG6
Created on : 23-9-2003 22:42:53
Last accessed : 12-10-2003 15:01:54
Last modified : 11-9-2003 4:00:00
#:11 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 43 KB
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
Copyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
OriginalFilename : CTsvcCDA.EXE
ProductName : Creative Service for CDROM Access
Created on : 26-5-2003 12:36:20
Last accessed : 12-10-2003 15:01:54
Last modified : 13-12-1999 0:01:00
#:12 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 264 KB
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
Copyright : Copyright (C) Microsoft Corp. 1997-2000
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Development Environment
Created on : 23-2-2001 8:07:30
Last accessed : 12-10-2003 15:01:54
Last modified : 23-2-2001 8:07:30
#:13 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 60 KB
FileVersion : 6.13.10.2841
ProductVersion : 6.13.10.2841
Copyright : (c) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 28.41
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 28.41
Created on : 31-12-1979 23:00:00
Last accessed : 12-10-2003 15:01:54
Last modified : 18-4-2002 10:08:52
#:14 [pavfires.exe]
FilePath : C:\Program Files\Trojan en virus pr\Firewall\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 168 KB
FileVersion : 1, 3, 0, 0
ProductVersion : 7, 5, 0, 0
Copyright : Panda Software Copyright
CompanyName : Panda Software
FileDescription : Personal Firewall Service
InternalName : Pavfires
OriginalFilename : Pavfires.exe
ProductName : Platinum 7 Pavfires
Created on : 11-10-2003 0:15:46
Last accessed : 12-10-2003 15:01:54
Last modified : 4-6-2003 13:56:46
#:15 [pavsrv51.exe]
FilePath : C:\Program Files\Trojan en virus pr\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : High
FileSize : 264 KB
FileVersion : 6, 3, 0, 530
ProductVersion : 6.3
Copyright : Copyright
CompanyName : Panda Software
FileDescription : Panda Antivirus Service for Windows NT/2000
InternalName : pavsrv
OriginalFilename : pavsrv.exe
ProductName : Panda Antivirus
Created on : 11-10-2003 0:15:45
Last accessed : 12-10-2003 15:30:45
Last modified : 2-4-2003 13:38:18
#:16 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 30-9-2002 15:16:28
Last accessed : 12-10-2003 15:31:05
Last modified : 30-9-2002 15:16:28
#:17 [vsmon.exe]
FilePath : C:\WINDOWS\SYSTEM32\ZoneLabs\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 901 KB
FileVersion : 3.7.211
ProductVersion : 3.7.211
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
OriginalFilename : vsmon.exe
ProductName : TrueVector Service
Created on : 8-10-2003 23:38:26
Last accessed : 12-10-2003 15:02:32
Last modified : 4-9-2003 17:37:06
#:18 [avengine.exe]
FilePath : C:\Program Files\Trojan en virus pr\
ThreadCreationTime : 12-10-2003 15:30:40
BasePriority : Normal
FileSize : 100 KB
FileVersion : 6, 3, 0, 492
ProductVersion : 6.3
Copyright : Copyright
CompanyName : Panda Software
FileDescription : Proceso an
InternalName : avengine
OriginalFilename : avengine.exe
ProductName : Panda Antivirus Windows NT/2000
Created on : 11-10-2003 0:15:45
Last accessed : 12-10-2003 14:57:59
Last modified : 8-4-2003 15:51:34
#:19 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 12-10-2003 15:30:47
BasePriority : Normal
FileSize : 984 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Verkenner
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Besturingssysteem Microsoft
Created on : 30-9-2002 14:56:30
Last accessed : 12-10-2003 15:32:37
Last modified : 30-9-2002 14:56:30
#:20 [apvxdwin.exe]
FilePath : C:\Program Files\Trojan en virus pr\
ThreadCreationTime : 12-10-2003 15:30:47
BasePriority : Normal
FileSize : 276 KB
FileVersion : 2, 12, 12, 0
ProductVersion : 7.00
CompanyName : Panda Software International
FileDescription : Platinum permanent protection
InternalName : Apvxdwin.exe
ProductName : Panda Antivirus Platinum
Created on : 11-10-2003 0:15:41
Last accessed : 12-10-2003 15:31:03
Last modified : 1-7-2003 11:41:30
#:21 [dsentry.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:30:55
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 2, 0
ProductVersion : 1, 0, 2, 0
Copyright : Copyright
CompanyName : Dell - Advanced Desktop Engineering
FileDescription : DVDSentry
InternalName : DVDSentry
OriginalFilename : DSentry.exe
ProductName : Dell - DVDSentry
Created on : 14-8-2002 17:22:52
Last accessed : 12-10-2003 15:30:25
Last modified : 14-8-2002 17:22:52
#:22 [ctsysvol.exe]
FilePath : C:\Program Files\Creative\SBAudigy2\Surround Mixer\
ThreadCreationTime : 12-10-2003 15:30:55
BasePriority : Normal
FileSize : 48 KB
FileVersion : 1.1.3.0
ProductVersion : 1.0.0.0
Copyright : Copyright (c) Creative Technology Ltd., 2002. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : CTSysVol.exe
OriginalFilename : CTSysVol.exe
ProductName : Creative Volume Control
Created on : 26-5-2003 12:36:42
Last accessed : 12-10-2003 15:30:25
Last modified : 29-10-2002 8:18:24
#:23 [ctdvddet.exe]
FilePath : C:\Program Files\Creative\SBAudigy2\DVDAudio\
ThreadCreationTime : 12-10-2003 15:30:55
BasePriority : Normal
FileSize : 44 KB
FileVersion : 1.0.2.0
ProductVersion : 1.0.2.0
Copyright : Copyright (c) Creative Technology Ltd., 2002. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : CTDVDDET
InternalName : CTDVDDET
OriginalFilename : CTDVDDET.EXE
ProductName : CTDVDDET
Created on : 26-5-2003 12:36:53
Last accessed : 12-10-2003 15:30:25
Last modified : 30-9-2002
#:24 [cthelper.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:30:55
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 11
ProductVersion : 1, 0, 0, 11
Copyright : Copyright (C) 2002
CompanyName : Creative Technology Ltd
FileDescription : CtHelper MFC Application
InternalName : CtHelper
OriginalFilename : CtHelper.EXE
ProductName : CtHelper Application
Created on : 26-5-2003 12:36:57
Last accessed : 12-10-2003 15:30:25
Last modified : 20-2-2003 15:45:40
#:25 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\
ThreadCreationTime : 12-10-2003 15:30:56
BasePriority : Normal
FileSize : 668 KB
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
Copyright : Copyright (c) 2001,2002, Roxio, Inc.
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : Directcd.exe
ProductName : DirectCD
Created on : 17-12-2002 11:28:00
Last accessed : 12-10-2003 15:30:25
Last modified : 17-12-2002 11:28:00
#:26 [lxbabmgr.exe]
FilePath : C:\Program Files\Lexmark X5100 Series\
ThreadCreationTime : 12-10-2003 15:30:56
BasePriority : Normal
FileSize : 84 KB
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
Copyright : (C) 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark X5100 Series Button Manager
InternalName : lxbabmgr.exe
OriginalFilename : lxbabmgr.exe
ProductName : Button Manager Executable
Created on : 16-12-2002 11:09:25
Last accessed : 12-10-2003 15:30:25
Last modified : 16-12-2002 11:09:25
#:27 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ThreadCreationTime : 12-10-2003 15:30:56
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.1c
ProductVersion : QuickTime 6.1c
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
OriginalFilename : QTTask.exe
ProductName : QuickTime
Created on : 20-6-2003 9:35:36
Last accessed : 12-10-2003 15:30:25
Last modified : 20-6-2003 9:35:36
#:28 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 12-10-2003 15:30:56
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 17-7-2003 10:35:46
Last accessed : 12-10-2003 15:30:25
Last modified : 17-7-2003 10:35:46
#:29 [avgcc32.exe]
FilePath : C:\PROGRA~1\VIRUSP~1\
ThreadCreationTime : 12-10-2003 15:30:56
BasePriority : Normal
FileSize : 337 KB
FileVersion : 6, 0, 0, 515
ProductVersion : 6, 0, 0, 0
Copyright : Copyright
CompanyName : GRISOFT s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC32
OriginalFilename : AvgCC32.EXE
ProductName : AVG Anti-Virus System
Created on : 23-9-2003 22:42:53
Last accessed : 12-10-2003 15:31:01
Last modified : 11-9-2003 4:00:00
#:30 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ThreadCreationTime : 12-10-2003 15:30:56
BasePriority : Normal
FileSize : 240 KB
FileVersion : 4, 3, 0, 10
ProductVersion : 4, 3, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
OriginalFilename : mcagent.exe
ProductName : McAfee SecurityCenter
Created on : 27-9-2003 23:08:50
Last accessed : 12-10-2003 15:30:25
Last modified : 27-8-2003 9:00:12
#:31 [atwatch.exe]
FilePath : C:\Program Files\Anti-Trojan-55\
ThreadCreationTime : 12-10-2003 15:30:57
BasePriority : Normal
FileSize : 26 KB
FileVersion : 1.00.0055
ProductVersion : 1.00.0055
CompanyName : Anti-Trojan Network
FileDescription : Anti-Trojan Watch
InternalName : ATWatch
OriginalFilename : ATWatch.exe
ProductName : ATWatch
Created on : 8-9-2002 7:03:37
Last accessed : 12-10-2003 15:31:06
Last modified : 8-9-2002 7:03:37
#:32 [lxbabmon.exe]
FilePath : C:\Program Files\Lexmark X5100 Series\
ThreadCreationTime : 12-10-2003 15:30:57
BasePriority : Normal
FileSize : 44 KB
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
Copyright : (C) 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark X5100 Series Button Monitor
InternalName : lxbabmon.exe
OriginalFilename : lxbabmon.exe
ProductName : Button Monitor Executable
Created on : 16-12-2002 11:26:20
Last accessed : 12-10-2003 15:01:54
Last modified : 16-12-2002 11:26:20
#:33 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:31:00
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 30-9-2002 14:54:36
Last accessed : 12-10-2003 15:30:25
Last modified : 30-9-2002 14:54:36
#:34 [spysweeper.exe]
FilePath : C:\Program Files\Trojan en virus prWebroot\Spy Sweeper\
ThreadCreationTime : 12-10-2003 15:31:01
BasePriority : Normal
FileSize : 640 KB
FileVersion : 2.1.0.23
ProductVersion : 1.0.0.0
Copyright : Copyright (c) 2001-2003 Webroot Software, Inc.
CompanyName : Webroot Software, Inc.
FileDescription : Spy Sweeper
ProductName : Spy Sweeper
Created on : 11-10-2003 1:07:29
Last accessed : 12-10-2003 15:30:25
Last modified : 24-7-2003 14:46:22
#:35 [pavproxy.exe]
FilePath : C:\Program Files\Trojan en virus pr\
ThreadCreationTime : 12-10-2003 15:31:02
BasePriority : Normal
FileSize : 144 KB
FileVersion : 3, 6, 10, 24
ProductVersion : 3, 6, 10, 24
Copyright : Copyright
CompanyName : Panda Software
FileDescription : PavProxy
InternalName : PavProxy
OriginalFilename : PavProxy.exe
ProductName : Mail Resident
Created on : 11-10-2003 0:15:45
Last accessed : 12-10-2003 15:31:02
Last modified : 12-6-2003 11:44:32
#:36 [zonealarm.exe]
FilePath : C:\Program Files\Zonelab\ZoneAlarm\
ThreadCreationTime : 12-10-2003 15:31:03
BasePriority : Normal
FileSize : 609 KB
FileVersion : 3.7.211
ProductVersion : 3.7.211
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : ZoneAlarm
InternalName : zonealarm
OriginalFilename : zonealarm.exe
ProductName : ZoneAlarm
Created on : 13-6-2003 13:27:22
Last accessed : 12-10-2003 15:30:25
Last modified : 4-9-2003 17:38:08
#:37 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 12-10-2003 15:32:28
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Besturingssysteem Microsoft
Created on : 11-9-2002 4:00:00
Last accessed : 12-10-2003 15:32:33
Last modified : 11-9-2002 4:00:00
#:38 [dwwin.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 12-10-2003 15:32:37
BasePriority : Normal
FileSize : 176 KB
FileVersion : 10.0.4024
ProductVersion : 10.0.4024
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Application Error Reporting
InternalName : DW
OriginalFilename : DW.Exe
ProductName : Microsoft Application Error Reporting
Created on : 30-9-2002 14:56:08
Last accessed : 12-10-2003 15:31:11
Last modified : 30-9-2002 14:56:08
#:39 [ad-aware.exe]
FilePath : C:\Program Files\Ad-aware 6\
ThreadCreationTime : 12-10-2003 15:34:04
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 11-10-2003 1:05:36
Last accessed : 12-10-2003 15:31:13
Last modified : 12-7-2003 20:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}
VX2.BetterInternet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Value : {DDFFA75A-E81D-4454-89FC-B9FD0631E726}
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 2
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 2
Deep scanning and examining files (C

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 2
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 2
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 2
17:43:48 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:09:36:813
Objects scanned :127990
Objects identified :2
Objects ignored :0
New objects :2
Groetjes,
Cin