spybot
heb spybot gedraaid, kreeg deze lijst
--- Search result list ---
--- Spybot-S&D version: 1.1 rel 4 ---
2003-01-01 Includes\Browserpages.tnfo
2003-01-30 Includes\CLSIDs.tnfo
2002-11-11 Includes\Cookies.Deutsch.nfo
2002-11-11 Includes\Cookies.Espanol.nfo
2002-11-11 Includes\Cookies.Italiano.nfo
2002-11-11 Includes\Cookies.Lietuviu.nfo
2003-01-01 Includes\Cookies.nfo
2003-01-29 Includes\Cookies.sbb
2003-01-29 Includes\Cookies.sbi
2003-01-29 Includes\Cookies.sbs
2002-11-11 Includes\Dialer.Deutsch.nfo
2002-11-11 Includes\Dialer.Italiano.nfo
2002-11-11 Includes\Dialer.Lietuviu.nfo
2003-01-01 Includes\Dialer.nfo
2003-01-29 Includes\Dialer.sbi
2003-01-01 Includes\Dialer.sbs
2002-11-11 Includes\Hijackers.Deutsch.nfo
2002-11-11 Includes\Hijackers.Espanol.nfo
2002-11-11 Includes\Hijackers.Italiano.nfo
2002-11-11 Includes\Hijackers.Lietuviu.nfo
2003-01-01 Includes\Hijackers.nfo
2003-02-02 Includes\Hijackers.sbi
2002-11-16 Includes\Hosts.sbs
2002-11-11 Includes\Keyloggers.Deutsch.nfo
2002-11-11 Includes\Keyloggers.Espanol.nfo
2002-11-11 Includes\Keyloggers.Italiano.nfo
2002-11-11 Includes\Keyloggers.Lietuviu.nfo
2003-01-01 Includes\Keyloggers.nfo
2003-01-28 Includes\Keyloggers.sbi
2003-01-01 Includes\Logs.uts
2002-11-11 Includes\Malware.Deutsch.nfo
2002-11-11 Includes\Malware.Espanol.nfo
2002-11-11 Includes\Malware.Italiano.nfo
2002-11-11 Includes\Malware.Lietuviu.nfo
2003-01-30 Includes\Malware.nfo
2003-01-30 Includes\Malware.sbi
2003-01-01 Includes\plugin-ignore.ini
2003-01-01 Includes\Searchpages.tnfo
2002-11-11 Includes\Security.Deutsch.nfo
2002-11-11 Includes\Security.Espanol.nfo
2002-11-11 Includes\Security.Italiano.nfo
2002-11-11 Includes\Security.Lietuviu.nfo
2003-01-01 Includes\Security.nfo
2003-01-01 Includes\Security.sbi
2002-11-11 Includes\Spybots.Deutsch.nfo
2002-11-11 Includes\Spybots.Espanol.nfo
2002-11-11 Includes\Spybots.Italiano.nfo
2002-11-11 Includes\Spybots.Lietuviu.nfo
2003-01-27 Includes\Spybots.nfo
2003-01-30 Includes\Spybots.sbi
2002-11-11 Includes\Tracks.Deutsch.nfo
2002-11-11 Includes\Tracks.Espanol.nfo
2002-11-11 Includes\Tracks.Italiano.nfo
2002-11-11 Includes\Tracks.Lietuviu.nfo
2003-01-01 Includes\Tracks.nfo
2003-01-30 Includes\Tracks.uti
2002-11-11 Includes\Trojans.Deutsch.nfo
2002-11-11 Includes\Trojans.Espanol.nfo
2002-11-11 Includes\Trojans.Italiano.nfo
2002-11-11 Includes\Trojans.Lietuviu.nfo
2003-01-01 Includes\Trojans.nfo
2003-01-29 Includes\Trojans.sbi
2003-01-27 Includes\URL-Blacklist.sbs
--- System information ---
Windows XP (Build: 2600) Service Pack 1
/ Windows XP / SP1: Windows XP Service Pack 1
/ Windows XP / SP2: Windows XP Hotfix-pakket (Zie Q323255 voor meer informatie)
/ Windows XP / SP2: Windows XP Hotfix (SP2), Q328310
/ Windows XP / SP2: Windows XP Hotfix-pakket (Zie Q329048 voor meer informatie)
/ Windows XP / SP2: Windows XP Hotfix-pakket (Zie Q329115 voor meer informatie)
/ Windows XP / SP2: Windows XP Hotfix (SP2), Q329170
/ Windows XP / SP2: Windows XP Hotfix-pakket (Zie Q329390 voor meer informatie)
/ Windows XP / SP2: Windows XP Hotfix-pakket (Zie Q329834 voor meer informatie)
/ Windows XP / SP2: Windows XP Hotfix (SP2), Q810565
/ Windows XP / SP2: Windows XP Hotfix (SP2), Q810833
--- Startup entries list ---
Spybot-S&D Startup list report, 4-2-2003 0:57:44
Located: HK_CU:Run, CTFMON.EXE
file: C:\WINDOWS\System32\ctfmon.exe
MD5: BC69FEECC644021E56745C2E10C49EF2
Located: HK_CU:Run, MSMSGS
file: "C:\Program Files\Messenger\msmsgs.exe" /background
Located: HK_CU:Run, LDM
file: \Program\BackWeb-8876480.exe
Located: HK_LM:Run, C-Media Mixer
file: Mixer.exe /startup
Located: HK_LM:Run, NAV Agent
file: C:\PROGRA~1\NORTON~1\navapw32.exe
MD5: 44A716C6EDA439A804C2833E0C16DA82
Located: HK_LM:Run, iamapp
file: C:\Program Files\Norton Personal Firewall\IAMAPP.EXE
MD5: F3FED0A68D8E2ECF261079B8842BE596
Located: HK_LM:Run, CloneCDElbyCDFL
file: "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
Located: HK_LM:Run, CloneCDTray
file: "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
Located: HK_LM:Run, zBrowser Launcher
file: C:\Program Files\Logitech\iTouch\iTouch.exe
MD5: 5A24096190D68FDBC193229A6AD99896
Located: HK_LM:Run, EM_EXEC
file: C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
MD5: BCDBCD110DAE1ABCA8F3787C8FCD3166
Located: HK_LM:Run, thbrquea
file: C:\DOCUME~1\Charles\APPLIC~1\blgloosf.exe -QuieT
Located: HK_LM:Run, THGuard
file: "C:\Program Files\TrojanHunter 2.5\TH_Guard.exe"
Located: Startup (common), Logitech Desktop Messenger.lnk
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
MD5: 91291CA1490F952D977618544D540B87
Located: Startup (common), Norton System Doctor.lnk
file: C:\Program Files\Norton Utilities\SYSDOC32.EXE
MD5: 56A05AC436A98EAD93CC9924CB8E0F78
Located: Startup (common), WinZip Quick Pick.lnk
file: C:\Program Files\WinZip\WZQKPICK.EXE
MD5: 2FE253973433442C2CB234FB2BC4BF29
--- Browser helper object list ---
Spybot-S&D Browser helper object report, 4-2-2003 0:57:44
{5a7698f0-1e1a-4f5b-bca1-0b35c2ccb1a8}
Class file: ceawprbrquly.dll
Attributes: archive
Date: 2-2-2003 23:40:56
MD5: 9B4CF91CB90A00EBAE2798EE89AFE58E
Path: C:\DOCUME~1\Charles\APPLIC~1\
Short name: CEAWPR~1.DLL
Size: 98304 bytes
Version: 255.255.255.255
Class name: cicgwqyfrmiiztzmrdec
{BDF3E430-B101-42AD-A544-FADC6B084872}
Class file: NavShExt.dll
Attributes: archive
Date: 20-3-2002 10:00:40
MD5: 2EAB9D2A0AFE9BE089924458522CDF93
Path: C:\Program Files\Norton AntiVirus\
Short name:
Size: 102400 bytes
Version: 0.8.0.0
Class name: CNavExtBho Class
CLSID database: legitimate software
Description: Norton Antivirus
Filename: NavShExt.dll
Name: NAV Helper
--- ActiveX list ---
Spybot-S&D ActiveX report, 4-2-2003 0:57:44
Microsoft XML Parser for Java
Download location: file://C:\WINDOWS\Java\classes\xmldso.cab
Name: Microsoft XML Parser for Java
Version: 1,0,9,2
{9F1C11AA-197B-4942-BA54-47A8489BB47F}
Class file: iuctl.dll
Attributes: archive
Date: 15-1-2003 17:15:10
MD5: B3BF89D8C625E9AC5F43F78BE6545B81
Path: C:\WINDOWS\System32\
Short name:
Size: 101496 bytes
Version: 0.5.0.4
Class name: Update Class
CLSID database: legitimate software
Description: Windows Update
Filename: %WINDIR%\System32\iuctl.dll,iuengine.dll
Contains file: iuctl.dll
Attributes: archive
Date: 15-1-2003 17:15:10
MD5: B3BF89D8C625E9AC5F43F78BE6545B81
Path: C:\WINDOWS\System32\
Short name:
Size: 101496 bytes
Version: 0.5.0.4
Contains file: iuengine.dll
Attributes: archive
Date: 15-1-2003 17:15:12
MD5: 093EDE3A3EBB452F655C8C3822148D1A
Path: C:\WINDOWS\System32\
Short name:
Size: 182904 bytes
Version: 0.5.0.4
Download location:
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37652.7344560185
Last modified: Wed, 29 Jan 2003 17:28:45 GMT
Version: 5,4,3630,2550
--- Process list ---
Spybot-S&D process list report, 4-2-2003 0:57:44
PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 340 ( 4) \SystemRoot\System32\smss.exe
PID: 400 ( 340) csrss.exe
PID: 544 ( 340) \??\C:\WINDOWS\system32\winlogon.exe
PID: 588 ( 544) C:\WINDOWS\system32\services.exe
PID: 600 ( 544) C:\WINDOWS\system32\lsass.exe
PID: 636 (1208) C:\DOCUME~1\Charles\APPLIC~1\blgloosf.exe
PID: 716 (1208) C:\Program Files\Messenger\msmsgs.exe
PID: 772 ( 588) C:\WINDOWS\system32\svchost.exe
PID: 816 (1208) C:\WINDOWS\Mixer.exe
PID: 820 ( 588) C:\WINDOWS\System32\svchost.exe
PID: 852 (1208) C:\PROGRA~1\NORTON~1\navapw32.exe
PID: 872 (1208) C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
PID: 916 ( 588) svchost.exe
PID: 924 (1208) C:\Program Files\Norton Personal Firewall\IAMAPP.EXE
PID: 944 (1208) C:\Program Files\Logitech\iTouch\iTouch.exe
PID: 960 ( 588) svchost.exe
PID: 988 (1208) C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
PID: 1148 (1208) C:\Program Files\Norton Utilities\SYSDOC32.EXE
PID: 1208 (1180) C:\WINDOWS\Explorer.EXE
PID: 1236 ( 588) C:\WINDOWS\system32\spoolsv.exe
PID: 1332 (1208) C:\Program Files\TrojanHunter 2.5\TH_Guard.exe
PID: 1364 (1208) C:\WINDOWS\System32\ctfmon.exe
PID: 1432 ( 636) C:\DOCUME~1\Charles\LOCALS~1\Temp\deo1.exe
PID: 1564 ( 588) C:\Program Files\Norton AntiVirus\navapsvc.exe
PID: 1588 ( 588) C:\Program Files\Norton Personal Firewall\NISUM.EXE
PID: 1616 ( 588) C:\Program Files\Norton Utilities\NPROTECT.EXE
PID: 1632 (3696) C:\PROGRA~1\WINZIP\wzqkpick.exe
PID: 1748 ( 924) C:\Program Files\Norton Personal Firewall\ATRACK.EXE
PID: 1752 ( 588) C:\Program Files\Speed Disk\nopdb.exe
PID: 1772 ( 588) C:\Program Files\Norton Personal Firewall\SymProxySvc.exe
PID: 1856 ( 588) C:\Program Files\Norton Personal Firewall\NISSERV.EXE
PID: 2344 ( 588) C:\WINDOWS\System32\svchost.exe
PID: 2540 (1208) C:\Program Files\Spybot - Search & Destroy 1.1\SpybotSD.exe
PID: 2872 (1208) C:\Program Files\Lavasoft Ad-Aware\Ad-aware.exe
PID: 3148 (1208) C:\WINDOWS\system32\ntvdm.exe
PID: 3628 (1208) C:\Program Files\Internet Explorer\iexplore.exe
--- Browser start & search pages list ---
Spybot-S&D browser pages report, 4-2-2003 0:57:44
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://tjem.com/passthrough/index.html?about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
en nu ?