anoniem Geplaatst: 14 september 2007 Delen Geplaatst: 14 september 2007 Ondanks mij virusscanner heb ik een probleem. Tijdens het opstarten worden er mails uitgegooid, die de scanner tegenhoudt. Dit is mijn Hijacklog Het likt me iets met het bestand cmbpk32a.dll, maar het kan niet gefixed worden. Wie wil er naar kijken en mij helpen? Logfile of HijackThis v1.99.1 Scan saved at 11:07:03, on 14-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Creative\TaskBar\CTLTray.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\WINDOWS\System32\cidaemon.exe C:\WINDOWS\System32\cidaemon.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\inetsrv\DavCData.exe C:\Program Files\Norton AntiVirus\OPScan.exe C:\Documents and Settings\Piet\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1FB357EC-9647-464A-98DD-321A5EE1EF89} - c:\windows\system32\cmpbk32a.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe" O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe" O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing) O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: suxoukao - C:\WINDOWS\SYSTEM32\cmpbk32a.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing) O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe Quote Link naar reactie
0 anoniem Geplaatst: 22 september 2007 Auteur Delen Geplaatst: 22 september 2007 Ga naar Start - uitvoeren en tik in: [b:5dbb4996d0]services.msc[/b:5dbb4996d0] Druk op OK. Zoek dan naar deze service: Routing Protect Access Stop de service en zet het opstarttype op uitgeschakeld. Sluit alle open vensters. Start HijackThis nog een keer en plaats een vinkje bij de volgende items: [b:5dbb4996d0]O20 - Winlogon Notify: suxoukao - cmpbk32a.dll (file missing)[/b:5dbb4996d0] Klik daarna op "Fix checked" en sluit HijackThis af. Maak een nieuwe log met combofix en post deze. Zijn er nog problemen? Quote Link naar reactie
0 anoniem Geplaatst: 22 september 2007 Auteur Delen Geplaatst: 22 september 2007 Ik heb geen idee of er nog problemen zjn. Het ziet er niet zo uit in in elk geval. Er werden mailtjes verstuurd en geweigerde mailtjes werden geretourneerd en door Norton gescand. NAV werkt niet goed meer. Wat moet ik met de map C:\windows\system32\AppCert want daar heeft NAV problemen mee? ComboFix 07-09-18.4 - "Piet" 2007-09-22 12:12:43.19 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.0.1252.1.1043.18.210 [GMT 2:00] . (((((((((((((((((((( Bestanden Gemaakt van 2007-08-22 to 2007-09-22 )))))))))))))))))))))))))))))) . 2007-09-21 19:39 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec 2007-09-21 16:47 <DIR> d-------- C:\Program Files\SymNetDrv 2007-09-21 16:29 91,904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2007-09-21 16:29 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys 2007-09-21 16:29 124,016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-09-20 21:42 90,112 --a------ C:\WINDOWS\system32\regdacl.exe 2007-09-20 21:42 53,248 --a------ C:\WINDOWS\system32\process.exe 2007-09-20 21:42 4,096 --a------ C:\WINDOWS\system32\reboot.exe 2007-09-20 21:42 16,384 --a------ C:\WINDOWS\system32\restart.exe 2007-09-20 21:42 <DIR> d-------- C:\WINDOWS\system32\regdacl 2007-09-20 16:36 <DIR> d-------- C:\!KillBox 2007-09-20 14:55 756,224 --a------ C:\WINDOWS\system32\hhlsmrhk.dll 2007-09-20 14:55 48,640 --a------ C:\WINDOWS\system32\tnzmdbzz.dll 2007-09-20 14:55 46,592 --a------ C:\WINDOWS\system32\atmdcpyk.dll 2007-09-20 14:55 125,440 --a------ C:\WINDOWS\system32\hqfezmcm.dll 2007-09-20 14:55 103,424 --a------ C:\WINDOWS\system32\guicatft.dll 2007-09-17 12:01 684,567 --a------ C:\WINDOWS\system32\libeay32.dll 2007-09-17 12:01 147,729 --a------ C:\WINDOWS\system32\libssl32.dll 2007-09-16 13:23 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-16 12:22 <DIR> d-------- C:\Program Files\Trend Micro 2007-09-13 16:11 <DIR> d-------- C:\WINDOWS\system32\AppCert 2007-09-11 23:25 <DIR> d-------- C:\DOCUME~1\Ellen\APPLIC~1\Magic Academy 2007-08-24 21:46 <DIR> d-------- C:\DOCUME~1\Piet\APPLIC~1\dvdcss 2007-08-22 12:00 <DIR> d-------- C:\DOCUME~1\Piet\Shared 2007-08-22 12:00 <DIR> d-------- C:\DOCUME~1\Piet\Incomplete 2007-08-22 12:00 <DIR> d-------- C:\DOCUME~1\Piet\APPLIC~1\LimeWire 2007-08-22 11:58 <DIR> d-------- C:\Program Files\LimeWire . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-22 09:55 --------- d-------- C:\Program Files\Common Files\Symantec Shared 2007-09-21 16:50 --------- d-------- C:\Program Files\Norton AntiVirus 2007-09-21 16:47 --------- d-------- C:\Program Files\Symantec 2007-09-21 16:30 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec 2007-09-20 10:21 221184 --a------ C:\WINDOWS\system32\LVCOMSX.EXE 2007-09-20 10:21 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-09-11 23:25 --------- d-------- C:\Program Files\Zylom Games 2007-09-11 23:25 --------- d-------- C:\DOCUME~1\Ellen\APPLIC~1\Zylom 2007-09-09 12:19 --------- d-a------ C:\DOCUME~1\Piet\APPLIC~1\SopCast 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\vlc 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Syntrillium 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Symantec 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Real 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\ppStream 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\PPLive 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\MSN6 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Microsoft Web Folders 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Lavasoft 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Kazaa Lite 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\InterTrust 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Help 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Google 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Creative 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Azureus 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Apple Computer 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\.ABC 2007-08-12 23:00 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games 2007-08-12 20:23 --------- d-------- C:\Program Files\iTunes 2007-08-02 15:41 --------- d-------- C:\Program Files\PokerStars 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll . ((((((((((((((((((((((((((((( snapshot_2007-09-16_142320.92 ))))))))))))))))))))))))))))))))))))))))) . ----a-r 10,134 2007-09-21 14:30:27 C:\WINDOWS\Installer\{77772678-817F-4401-9301-ED1D01A8DA56}\ARPPRODUCTICON.exe ----a-w 78,786 2007-09-16 13:03:16 C:\WINDOWS\system32\perfc009.dat ----a-w 96,318 2007-09-16 13:03:16 C:\WINDOWS\system32\perfc013.dat ----a-w 454,114 2007-09-16 13:03:16 C:\WINDOWS\system32\perfh009.dat ----a-w 514,440 2007-09-16 13:03:17 C:\WINDOWS\system32\perfh013.dat ------w 54,684 2001-09-07 12:00:00 C:\WINDOWS\system32\AppCert\wnl32.dll ----a-w 266,240 2007-09-22 10:06:51 C:\WINDOWS\system32\config\systemprofile\ntuser.dat ----a-w 32,768 2007-09-22 08:44:22 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 16,384 2007-09-22 08:44:22 C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat ----a-w 32,768 2007-09-22 08:44:22 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ----a-w 208,012 2007-09-22 08:48:47 C:\WINDOWS\system32\inetsrv\MetaBase.bin ----a-w 4,175 2007-09-21 20:01:10 C:\WINDOWS\system32\regdacl\doc\SMWNCV.cmd ----atw 16,384 2007-09-22 08:44:59 C:\WINDOWS\Temp\Perflib_Perfdata_1f4.dat . ----a-r 10,134 2007-06-22 20:14:23 C:\WINDOWS\Installer\{77772678-817F-4401-9301-ED1D01A8DA56}\ARPPRODUCTICON.exe ----a-w 78,786 2007-09-16 11:38:57 C:\WINDOWS\system32\perfc009.dat ----a-w 96,318 2007-09-16 11:38:57 C:\WINDOWS\system32\perfc013.dat ----a-w 454,114 2007-09-16 11:38:57 C:\WINDOWS\system32\perfh009.dat ----a-w 514,440 2007-09-16 11:38:57 C:\WINDOWS\system32\perfh013.dat ----a-w 54,684 2001-09-07 12:00:00 C:\WINDOWS\system32\AppCert\wnl32.dll ----a-w 266,240 2007-09-16 11:24:08 C:\WINDOWS\system32\config\systemprofile\ntuser.dat ----a-w 32,768 2007-09-16 11:37:14 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 16,384 2007-09-16 11:37:14 C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat ----a-w 32,768 2007-09-16 11:37:14 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ----a-w 208,012 2007-09-16 11:41:19 C:\WINDOWS\system32\inetsrv\MetaBase.bin . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTStartup"="C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.exe" [2001-06-04 01:00] "CTHelper"="CTHELPER.EXE" [2003-10-06 15:57 C:\WINDOWS\system32\CTHELPER.EXE] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-03-24 10:04] "nwiz"="nwiz.exe" [2004-03-24 10:04 C:\WINDOWS\system32\nwiz.exe] "TotalRecorderScheduler"="C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" [2003-09-14 16:26] "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-03-24 10:04] "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2007-09-20 10:21] "Logitech Utility"="Logi_MwX.Exe" [2003-11-07 11:50 C:\WINDOWS\LOGI_MWX.EXE] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-08-25 19:07] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-10-08 19:16] "LVCOMSX"="C:\WINDOWS\System32\LVCOMSX.EXE" [2007-09-20 10:21] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2007-09-20 10:21] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2007-09-20 10:21] "NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2007-09-20 10:21] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-20 10:21] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 17:22] "SSC_UserPrompt"="C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-08 12:23] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-09-21 16:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-09-07 14:00] "NOMAD Detector"="C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe" [] "TaskTray"="C:\Program Files\Creative\TaskBar\CTLTray.exe" [2001-06-29 01:00] "TaskBar"="C:\Program Files\Creative\TaskBar\CTLTask.exe" [2003-05-30 01:00] "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2003-04-14 19:30] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54] C:\DOCUME~1\ALLUSE~1\MENUST~1\PROGRA~1\OPSTAR~1\ Adapter Utility.lnk - C:\WINDOWS\Installer\{13515E3B-B512-45FF-BA78-0F677794AC99}\Launcher.exe [2004-10-22 15:54:37] Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2003-12-05 17:25:55] Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-06-25 07:25:38] KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-06-08 18:48:18] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-01-06 17:00:20] Microsoft Office.lnk - C:\Program Files\Microsoft Office2\Office\OSA9.EXE [1999-02-17 15:05:56] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] @= R0 PrecSim;PrecSim;C:\WINDOWS\System32\DRIVERS\precsim.sys R1 DcCam;Kodak Camera Proxy;C:\WINDOWS\System32\DRIVERS\DcCam.sys R2 A4SII300;A4SII300;C:\WINDOWS\System32\drivers\A4SII300.SYS R2 DCFS2K;Kodak DCFS2K Driver;C:\WINDOWS\System32\drivers\dcfs2k.sys R2 SMTPSVC;SMTP (Simple Mail Transfer Protocol);C:\WINDOWS\System32\inetsrv\inetinfo.exe R2 XWPCApplicationLoaderService;Digital Media Adapter Application Loader Service;C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe R2 XWPCHostService;Digital Media Adapter Host Service;C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe R3 itchfltr;iTouch Keyboard Filter;C:\WINDOWS\System32\DRIVERS\itchfltr.sys R3 MTD80X;100/10M Ethernet PCI Adapter;C:\WINDOWS\System32\DRIVERS\feand5.SYS S0 ElbyVCD;ElbyVCD;C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys S1 Exportit;Exportit;C:\WINDOWS\System32\DRIVERS\exportit.sys S2 G11AV;Trust 610 LCD POWERC@M ZOOM, Webcam mode;C:\WINDOWS\System32\Drivers\G11av.sys S3 DcFpoint;DcFpoint;C:\WINDOWS\System32\DRIVERS\DcFpoint.sys S3 DcLps;Legacy Polling Service;C:\WINDOWS\System32\DRIVERS\DcLps.sys S3 DcPTP;dcptp;C:\WINDOWS\System32\DRIVERS\DcPTP.sys S3 SNCT511;PC Camera (6005 CIF);C:\WINDOWS\System32\DRIVERS\snct511.sys S3 USBCamera;Digital Still Image Capture;C:\WINDOWS\System32\Drivers\Bulk533.sys S4 DATEING;Routing Protect Access;C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\PIJFEQ22.DLL,Export 1087 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs rvymvtzo License . Inhoud van de 'Gedeelde Taken' map "2007-09-21 18:00:53 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Piet.job" . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-22 12:18:32 Windows 5.1.2600 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTStartup = C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run???w????\???????w^?s$????>?wH ?w???????w*??w4???U??w4???????D8?s4????????92?????\???\????????H?s????-A?w?????_?wc_?w\???\????????i_????? Z?w\???\??????s????\??????s\???p92?d??sp92? Z?w???????s??? HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background?g scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet004\Services\MySql] "ImagePath"="C:/mysql/bin/mysqld-nt.exe" . Completion time: 2007-09-22 12:20:33 C:\ComboFix-quarantined-files.txt ... 2007-09-22 12:20 C:\ComboFix2.txt ... 2007-09-21 23:08 C:\ComboFix3.txt ... 2007-09-21 22:52 . --- E O F --- Quote Link naar reactie
0 anoniem Geplaatst: 22 september 2007 Auteur Delen Geplaatst: 22 september 2007 Open Kladblok, kopiëer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster: [list:7887bda868][b:7887bda868][color=blue:7887bda868] File:: C:\WINDOWS\system32\atmdcpyk.dll C:\WINDOWS\system32\guicatft.dll C:\WINDOWS\system32\hhlsmrhk.dll C:\WINDOWS\system32\hqfezmcm.dll C:\WINDOWS\system32\hqfezmcm1.dll C:\WINDOWS\system32\tnzmdbzz.dll C:\!KillBox Driver:: Rvymvtzo [/color:7887bda868][/b:7887bda868][/list:u:7887bda868]Sla dit op op je Bureaublad als [b:7887bda868]CFScript.txt[/b:7887bda868] Sleep [b:7887bda868]CFScript.txt[/b:7887bda868] in [b:7887bda868]ComboFix.exe[/b:7887bda868] zoals getoond in onderstaand voorbeeld : [img:7887bda868]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:7887bda868] Dit zal [b:7887bda868]ComboFix[/b:7887bda868] doen herstarten. Start opnieuw op als daarom gevraagd wordt, en post de inhoud van de [b:7887bda868]Combofix.txt[/b:7887bda868] in je volgende antwoord samen met een nieuw HijackThislogje. Quote Link naar reactie
0 anoniem Geplaatst: 22 september 2007 Auteur Delen Geplaatst: 22 september 2007 ComboFix 07-09-18.4 - "Piet" 2007-09-22 20:05:38.20 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.0.1252.31.1043.18.200 [GMT 2:00] Command switches used :: C:\Documents and Settings\Piet\Bureaublad\CFScript.txt FILE:: C:\WINDOWS\system32\atmdcpyk.dll C:\WINDOWS\system32\guicatft.dll C:\WINDOWS\system32\hhlsmrhk.dll C:\WINDOWS\system32\hqfezmcm.dll C:\WINDOWS\system32\hqfezmcm1.dll C:\WINDOWS\system32\tnzmdbzz.dll C:\!KillBox . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\atmdcpyk.dll C:\WINDOWS\system32\guicatft.dll C:\WINDOWS\system32\hhlsmrhk.dll C:\WINDOWS\system32\hqfezmcm.dll C:\WINDOWS\system32\tnzmdbzz.dll . (((((((((((((((((((( Bestanden Gemaakt van 2007-08-22 to 2007-09-22 )))))))))))))))))))))))))))))) . 2007-09-21 19:39 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec 2007-09-21 16:47 <DIR> d-------- C:\Program Files\SymNetDrv 2007-09-21 16:29 91,904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2007-09-21 16:29 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys 2007-09-21 16:29 124,016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-09-20 21:42 90,112 --a------ C:\WINDOWS\system32\regdacl.exe 2007-09-20 21:42 53,248 --a------ C:\WINDOWS\system32\process.exe 2007-09-20 21:42 4,096 --a------ C:\WINDOWS\system32\reboot.exe 2007-09-20 21:42 16,384 --a------ C:\WINDOWS\system32\restart.exe 2007-09-20 21:42 <DIR> d-------- C:\WINDOWS\system32\regdacl 2007-09-20 16:36 <DIR> d-------- C:\!KillBox 2007-09-17 12:01 684,567 --a------ C:\WINDOWS\system32\libeay32.dll 2007-09-17 12:01 147,729 --a------ C:\WINDOWS\system32\libssl32.dll 2007-09-16 13:23 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-16 12:22 <DIR> d-------- C:\Program Files\Trend Micro 2007-09-13 16:11 <DIR> d-------- C:\WINDOWS\system32\AppCert 2007-09-11 23:25 <DIR> d-------- C:\DOCUME~1\Ellen\APPLIC~1\Magic Academy 2007-08-24 21:46 <DIR> d-------- C:\DOCUME~1\Piet\APPLIC~1\dvdcss 2007-08-22 12:00 <DIR> d-------- C:\DOCUME~1\Piet\Shared 2007-08-22 12:00 <DIR> d-------- C:\DOCUME~1\Piet\Incomplete 2007-08-22 12:00 <DIR> d-------- C:\DOCUME~1\Piet\APPLIC~1\LimeWire 2007-08-22 11:58 <DIR> d-------- C:\Program Files\LimeWire . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-22 09:55 --------- d-------- C:\Program Files\Common Files\Symantec Shared 2007-09-21 16:50 --------- d-------- C:\Program Files\Norton AntiVirus 2007-09-21 16:47 --------- d-------- C:\Program Files\Symantec 2007-09-21 16:30 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec 2007-09-11 23:25 --------- d-------- C:\Program Files\Zylom Games 2007-09-11 23:25 --------- d-------- C:\DOCUME~1\Ellen\APPLIC~1\Zylom 2007-09-09 12:19 --------- d-a------ C:\DOCUME~1\Piet\APPLIC~1\SopCast 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\vlc 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Syntrillium 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Symantec 2007-09-09 12:19 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Real 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\ppStream 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\PPLive 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\MSN6 2007-09-09 12:18 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Microsoft Web Folders 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Lavasoft 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Kazaa Lite 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\InterTrust 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Help 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Google 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Creative 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Azureus 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\Apple Computer 2007-09-09 12:17 --------- d-------- C:\DOCUME~1\Piet\APPLIC~1\.ABC 2007-08-12 23:00 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games 2007-08-12 20:23 --------- d-------- C:\Program Files\iTunes 2007-08-02 15:41 --------- d-------- C:\Program Files\PokerStars . ((((((((((((((((((((((((((((( snapshot_2007-09-16_142320.92 ))))))))))))))))))))))))))))))))))))))))) . ----a-r 10,134 2007-09-21 14:30:27 C:\WINDOWS\Installer\{77772678-817F-4401-9301-ED1D01A8DA56}\ARPPRODUCTICON.exe ----a-w 221,184 2007-09-20 08:21:54 C:\WINDOWS\system32\LVCOMSX.EXE ----a-w 155,648 2007-09-20 08:21:56 C:\WINDOWS\system32\NeroCheck.exe ----a-w 78,786 2007-09-16 13:03:16 C:\WINDOWS\system32\perfc009.dat ----a-w 96,318 2007-09-16 13:03:16 C:\WINDOWS\system32\perfc013.dat ----a-w 454,114 2007-09-16 13:03:16 C:\WINDOWS\system32\perfh009.dat ----a-w 514,440 2007-09-16 13:03:17 C:\WINDOWS\system32\perfh013.dat ------w 54,684 2001-09-07 12:00:00 C:\WINDOWS\system32\AppCert\wnl32.dll ----a-w 266,240 2007-09-22 10:06:51 C:\WINDOWS\system32\config\systemprofile\ntuser.dat ----a-w 32,768 2007-09-22 18:11:45 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 16,384 2007-09-22 18:11:45 C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat ----a-w 32,768 2007-09-22 18:11:45 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ----a-w 208,011 2007-09-22 18:12:24 C:\WINDOWS\system32\inetsrv\MetaBase.bin ----a-w 4,175 2007-09-21 20:01:10 C:\WINDOWS\system32\regdacl\doc\SMWNCV.cmd ----atw 16,384 2007-09-22 18:12:23 C:\WINDOWS\Temp\Perflib_Perfdata_1f8.dat . ----a-r 10,134 2007-06-22 20:14:23 C:\WINDOWS\Installer\{77772678-817F-4401-9301-ED1D01A8DA56}\ARPPRODUCTICON.exe ----a-w 229,376 2005-07-19 15:32:18 C:\WINDOWS\system32\LVCOMSX.EXE ----a-w 163,840 2001-07-09 09:50:42 C:\WINDOWS\system32\NeroCheck.exe ----a-w 78,786 2007-09-16 11:38:57 C:\WINDOWS\system32\perfc009.dat ----a-w 96,318 2007-09-16 11:38:57 C:\WINDOWS\system32\perfc013.dat ----a-w 454,114 2007-09-16 11:38:57 C:\WINDOWS\system32\perfh009.dat ----a-w 514,440 2007-09-16 11:38:57 C:\WINDOWS\system32\perfh013.dat ----a-w 54,684 2001-09-07 12:00:00 C:\WINDOWS\system32\AppCert\wnl32.dll ----a-w 266,240 2007-09-16 11:24:08 C:\WINDOWS\system32\config\systemprofile\ntuser.dat ----a-w 32,768 2007-09-16 11:37:14 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 16,384 2007-09-16 11:37:14 C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat ----a-w 32,768 2007-09-16 11:37:14 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ----a-w 208,012 2007-09-16 11:41:19 C:\WINDOWS\system32\inetsrv\MetaBase.bin . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "@"="" [] "CTStartup"="C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.exe" [2001-06-04 01:00] "CTHelper"="CTHELPER.EXE" [2003-10-06 15:57 C:\WINDOWS\system32\CTHELPER.EXE] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-03-24 10:04] "nwiz"="nwiz.exe" [2004-03-24 10:04 C:\WINDOWS\system32\nwiz.exe] "TotalRecorderScheduler"="C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" [2003-09-14 16:26] "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-03-24 10:04] "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2007-09-20 10:21] "Logitech Utility"="Logi_MwX.Exe" [2003-11-07 11:50 C:\WINDOWS\LOGI_MWX.EXE] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-08-25 19:07] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-10-08 19:16] "LVCOMSX"="C:\WINDOWS\System32\LVCOMSX.EXE" [2007-09-20 10:21] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2007-09-20 10:21] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2007-09-20 10:21] "NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2007-09-20 10:21] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-20 10:21] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 17:22] "SSC_UserPrompt"="C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-08 12:23] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-09-21 16:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-09-07 14:00] "NOMAD Detector"="C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe" [] "TaskTray"="C:\Program Files\Creative\TaskBar\CTLTray.exe" [2001-06-29 01:00] "TaskBar"="C:\Program Files\Creative\TaskBar\CTLTask.exe" [2003-05-30 01:00] "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2003-04-14 19:30] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54] C:\DOCUME~1\ALLUSE~1\MENUST~1\PROGRA~1\OPSTAR~1\ Adapter Utility.lnk - C:\WINDOWS\Installer\{13515E3B-B512-45FF-BA78-0F677794AC99}\Launcher.exe [2004-10-22 15:54:37] Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2003-12-05 17:25:55] Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-06-25 07:25:38] KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-06-08 18:48:18] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-01-06 17:00:20] Microsoft Office.lnk - C:\Program Files\Microsoft Office2\Office\OSA9.EXE [1999-02-17 15:05:56] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] @= R0 PrecSim;PrecSim;C:\WINDOWS\System32\DRIVERS\precsim.sys R1 DcCam;Kodak Camera Proxy;C:\WINDOWS\System32\DRIVERS\DcCam.sys R2 A4SII300;A4SII300;C:\WINDOWS\System32\drivers\A4SII300.SYS R2 DCFS2K;Kodak DCFS2K Driver;C:\WINDOWS\System32\drivers\dcfs2k.sys R2 SMTPSVC;SMTP (Simple Mail Transfer Protocol);C:\WINDOWS\System32\inetsrv\inetinfo.exe R2 XWPCApplicationLoaderService;Digital Media Adapter Application Loader Service;C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe R2 XWPCHostService;Digital Media Adapter Host Service;C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe R3 itchfltr;iTouch Keyboard Filter;C:\WINDOWS\System32\DRIVERS\itchfltr.sys R3 MTD80X;100/10M Ethernet PCI Adapter;C:\WINDOWS\System32\DRIVERS\feand5.SYS S0 ElbyVCD;ElbyVCD;C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys S1 Exportit;Exportit;C:\WINDOWS\System32\DRIVERS\exportit.sys S2 DATEING;Routing Protect Access;C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\PIJFEQ22.DLL,Export 1087 S2 G11AV;Trust 610 LCD POWERC@M ZOOM, Webcam mode;C:\WINDOWS\System32\Drivers\G11av.sys S3 DcFpoint;DcFpoint;C:\WINDOWS\System32\DRIVERS\DcFpoint.sys S3 DcLps;Legacy Polling Service;C:\WINDOWS\System32\DRIVERS\DcLps.sys S3 DcPTP;dcptp;C:\WINDOWS\System32\DRIVERS\DcPTP.sys S3 SNCT511;PC Camera (6005 CIF);C:\WINDOWS\System32\DRIVERS\snct511.sys S3 USBCamera;Digital Still Image Capture;C:\WINDOWS\System32\Drivers\Bulk533.sys HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs rvymvtzo License . Inhoud van de 'Gedeelde Taken' map "2007-09-21 18:00:53 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Piet.job" . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-22 20:15:05 Windows 5.1.2600 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTStartup = C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run???w????\???????w^?s$????>?wH ?w???????w*??w4???U??w4???????D8?s4???????|92?????\???\????????H?s????-A?w?????_?wc_?w\???\???????`a`????? Z?w\???\??????s????\??????s\???`92?d??s`92? Z?w???????s??? HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background?g scanning hidden files ... ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet004\Services\MySql] "ImagePath"="C:/mysql/bin/mysqld-nt.exe" . Completion time: 2007-09-22 20:18:07 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-22 20:17 C:\ComboFix2.txt ... 2007-09-22 12:20 C:\ComboFix3.txt ... 2007-09-21 23:08 . --- E O F --- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:19:37, on 22-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Creative\TaskBar\CTLTray.exe C:\Program Files\Creative\TaskBar\CTLTask.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe" O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe" O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 12488 bytes Quote Link naar reactie
0 anoniem Geplaatst: 22 september 2007 Auteur Delen Geplaatst: 22 september 2007 Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:dedf687057] O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) [/b:dedf687057] Klik op 'Fix checked' om de items te verwijderen. Leeg je Temp-mappen (Let op : de mappen leegmaken, niet verwijderen !!): Open de verkenner ("Mijn Computer") en kies [b:dedf687057]Extra[/b:dedf687057] -> [b:dedf687057]Mapopties...[/b:dedf687057] Controleer onder [b:dedf687057]Weergave[/b:dedf687057] de volgende instellingen: Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen) Uitzetten: Extensies voor bekende bestandstypen verbergen Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP) Selecteer: Verborgen bestanden en mappen weergeven C:\Windows\[b:dedf687057]Temp [/b:dedf687057] C:\Documents and Settings\<user>\Local Settings\[b:dedf687057]Temp [/b:dedf687057] C:\Documents and Settings\<user>\Local Settings\[b:dedf687057]Temporary Internet Files [/b:dedf687057] C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files\[b:dedf687057]content.ie5 [/b:dedf687057] [b:dedf687057]<user> staat hier voor je profielnaam !! [/b:dedf687057] [i:dedf687057]Als de laatste map niet wordt weergegeven, ga dan naar de map Temporary Internet Files en type er [b:dedf687057]\content.ie5[/b:dedf687057] achter in de adresbalk en klik enter. [/i:dedf687057] Maak je prullenbak leeg. start opnieuw op en vertel eens hoe het nu gaat. Quote Link naar reactie
0 anoniem Geplaatst: 22 september 2007 Auteur Delen Geplaatst: 22 september 2007 Wat bedoel je met hoe het nu gaat? Voor de laatste aanpassingen kreeg ik nog van NAV twee meldingen van teruggestuurde mailtjes. Het bestand C:\Windows\Temp\Perflib_Perfdata_1f8.dat kan ik niet verwijderen omdat het gebruikt wordt. In C:\Documents and Settings\<user>\Local Settings\Temp bevindt zich een map met de naam ZTemp met het bestand Files.mct, dat na verwijdering onmiddellijk weer wordt aangemaakt. Ik maak me nog steeds zorgen om de map AppCert met de bestanden filter.drv wsil32.dll prx66f.dll en wnl32.dll EDIT: ik kreeg zojuist weer een mailtje retour. Dit probleem is dus nog niet verholpen. Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Download en installeer [url=http://www.ewido.net/en/download/][b:eb2be044aa][color=blue:eb2be044aa]AVG Anti-Spyware 7.5[/color:eb2be044aa][/b:eb2be044aa][/url] [list:eb2be044aa] [*:eb2be044aa]Scroll iets naar beneden, klik “download now” en sla het programma op. [*:eb2be044aa]Klik tweemaal “uitvoeren” en selecteer een taal. [*:eb2be044aa]Doorloop enkele vensters en klik op “installeren”. [*:eb2be044aa]Als het niet automatisch gebeurt klik je op “updates” [*:eb2be044aa]Selecteer[b:eb2be044aa] "Scanner"[/b:eb2be044aa] bovenin het scherm en selecteer dan[b:eb2be044aa] "Settings"[/b:eb2be044aa] [*:eb2be044aa]Eenmaal in het Settings gedeelte klik je [b:eb2be044aa]"Recommended actions"[/b:eb2be044aa] en vervolgens [b:eb2be044aa]"Quarantine"[/b:eb2be044aa] [*:eb2be044aa]Sluit Ewido. Laat het nog [b:eb2be044aa]niet[/b:eb2be044aa] scannen [/list:u:eb2be044aa] Start nu je computer op in [b:eb2be044aa]VEILIGE mode[/b:eb2be044aa] Start AVG Anti-Spyware, (er is een icon op je desktop[list:eb2be044aa] [*:eb2be044aa]klik op [b:eb2be044aa]Scanner[/b:eb2be044aa] [*:eb2be044aa]Klik op [b:eb2be044aa]Complete System Scan[/b:eb2be044aa] [*:eb2be044aa]Laat het programma je pc scannen, dit kan even duren. [*:eb2be044aa]Als er geïnfecteerde bestanden zijn gevonden, klik dan op "[b:eb2be044aa]Apply all actions[/b:eb2be044aa]" Daarna zal je een knop zien [b:eb2be044aa]Save report[/b:eb2be044aa] [*:eb2be044aa]Klik op [b:eb2be044aa]Save Report[/b:eb2be044aa] [*:eb2be044aa]Klik daarna op [b:eb2be044aa]Save Report as[/b:eb2be044aa] en bewaar het rapport op op je bureaublad. [*:eb2be044aa]Sluit AVG Anti-spyware af en herstart de computer in normale mode.[/list:u:eb2be044aa] [b:eb2be044aa]Post het log tesamen met een nieuw hijackthis log.[/b:eb2be044aa] Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 14:31:16 23-9-2007 + Scan result: HKLM\SOFTWARE\Classes\SWLAD1.SWLAD -> Adware.AdDestroyer : Cleaned. HKLM\SOFTWARE\Classes\SWLAD1.SWLAD\Clsid -> Adware.AdDestroyer : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0207810.dll -> Adware.Altnet : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0208576.dll -> Adware.Altnet : Cleaned. C:\Program Files\AutoUpdate -> Adware.Apropos : Cleaned. C:\Documents and Settings\Piet\Bureaublad\backups\backup-20070405-151442-589.dll -> Adware.Bar888 : Cleaned. C:\Documents and Settings\Piet\Bureaublad\backups\backup-20070204-120519-905.dll -> Adware.BHO : Cleaned. C:\Program Files\Everest Poker\Everest Poker.exe -> Adware.Casino : Cleaned. C:\Documents and Settings\Piet\Bureaublad\backups\backup-20061102-202858-606.dll -> Adware.Cdn : Cleaned. C:\Documents and Settings\Piet\Bureaublad\backups\backup-20061102-202926-375.dll -> Adware.Cdn : Cleaned. C:\QooBox\Quarantine\C\WINDOWS\system32\cdnns.dll.vir -> Adware.Cdn : Cleaned. C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\cdnprot.sys.vir -> Adware.Cdn : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0207804.dll -> Adware.Cydoor : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0207805.dll -> Adware.Cydoor : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0208570.dll -> Adware.Cydoor : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0208571.dll -> Adware.Cydoor : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196} -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL\Device Parameters -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL\Device Parameters\PageAliases -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL\Device Parameters\PinFactory -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL\Device Parameters\PinFactory\1 -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL\Device Parameters\PinFactory\1\Interfaces -> Adware.DesktopTraffic : Cleaned. HKLM\SYSTEM\ControlSet004\Control\DeviceClasses\{65E8773D-8F56-11D0-A3B9-00A0C9223196}\##?#USB#VID_06D6&PID_0031&MI_00#7&2E7FE594&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\#GLOBAL\Device Parameters\PinFactory\1\Interfaces\{5BB95400-52BB-11d2-BA41-00A0C90D2B05} -> Adware.DesktopTraffic : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\Xcite.exe -> Adware.F1Organizer : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203432.exe -> Adware.Hotbar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203433.exe -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203436.exe -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203438.exe -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203439.dll -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203440.exe -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203441.dll -> Adware.Hotbar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203442.dll -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\A0203482.dll -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\HbInstI0.dll -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\HbInstIE.dll -> Adware.HotBar : Cleaned. C:\Documents and Settings\Piet\DoctorWeb\Quarantine\hotbar.exe -> Adware.HotBar : Cleaned. C:\QooBox\Quarantine\C\WINDOWS\DOWNLO~1\HbInstIE.dll.vir -> Adware.HotBar : Cleaned. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll -> Adware.ISTBar : Cleaned. C:\Documents and Settings\Elize\Menu Start\Programma's\Power Scan -> Adware.PowerScan : Cleaned. C:\Documents and Settings\Elize\Menu Start\Programma's\Power Scan\Power Scan.lnk -> Adware.PowerScan : Cleaned. HKLM\SOFTWARE\Classes\SWRT01.RT -> Adware.SecondThought : Cleaned. HKLM\SOFTWARE\Classes\SWRT01.RT\Clsid -> Adware.SecondThought : Cleaned. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned. C:\WINDOWS\system32\appstart.exe -> Downloader.Agent.avq : Cleaned. C:\tcsafe.exe -> Downloader.Banload.ase : Cleaned. F:\Program Files\Messenger Plus! 2\Setup.dat/70000010.exe -> Downloader.Swizzor.g : Cleaned. C:\Documents and Settings\Piet\Application Data\Sun\Java\Deployment\cache\6.0\8\181f08c8-4a6fc3f7/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned. C:\Documents and Settings\Piet\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-75c822bf-12bcab4e.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@amznshopbop.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@detelegraaf.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@microsoftwlsearchcrm.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@msnuk.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@tpgpost.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@babyuniverse.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@detelegraaf.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@divx.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@edsa.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@premiumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@prisacom.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@thomascookag.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@totalvid.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@usatoday1.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@71i[1].txt -> TrackingCookie.71i : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@prizeamerica.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@2.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@4.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@stats.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. F:\WINDOWS\Cookies\anyuser@imgserv.adbutler[1].txt -> TrackingCookie.Adbutler : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@axa.addcontrol[1].txt -> TrackingCookie.Addcontrol : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adengage[2].txt -> TrackingCookie.Adengage : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.adengage[2].txt -> TrackingCookie.Adengage : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ad.adition[2].txt -> TrackingCookie.Adition : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ad.admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned. F:\WINDOWS\Cookies\schenderling@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned. F:\WINDOWS\Cookies\anyuser@adorigin[1].txt -> TrackingCookie.Adorigin : Cleaned. F:\WINDOWS\Cookies\anyuser@ads.adorigin[1].txt -> TrackingCookie.Adorigin : Cleaned. F:\WINDOWS\Cookies\schenderling@adorigin[2].txt -> TrackingCookie.Adorigin : Cleaned. F:\WINDOWS\Cookies\schenderling@ads.adorigin[1].txt -> TrackingCookie.Adorigin : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adrenaline[1].txt -> TrackingCookie.Adrenaline : Cleaned. F:\WINDOWS\Cookies\anyuser@adrenaline[1].txt -> TrackingCookie.Adrenaline : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@adtech[2].txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adtech[1].txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@advertising[2].txt -> TrackingCookie.Advertising : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@advertising[1].txt -> TrackingCookie.Advertising : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@adviva[2].txt -> TrackingCookie.Adviva : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adviva[1].txt -> TrackingCookie.Adviva : Cleaned. F:\WINDOWS\Cookies\schenderling@www.andr[1].txt -> TrackingCookie.Andr : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.belstat[4].txt -> TrackingCookie.Belstat : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@bfast[2].txt -> TrackingCookie.Bfast : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@bfast[2].txt -> TrackingCookie.Bfast : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ads43.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads06.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads25.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. F:\WINDOWS\Cookies\anyuser@ads06.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. F:\WINDOWS\Cookies\anyuser@spms.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. F:\WINDOWS\Cookies\schenderling@ads06.bpath[1].txt -> TrackingCookie.Bpath : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@isg33.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@castup[1].txt -> TrackingCookie.Castup : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@switch5.castup[1].txt -> TrackingCookie.Castup : Cleaned. F:\WINDOWS\Cookies\schenderling@site.chatpoint[2].txt -> TrackingCookie.Chatpoint : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@cz4.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. F:\WINDOWS\Cookies\anyuser@cz4.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned. F:\WINDOWS\Cookies\anyuser@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. F:\WINDOWS\Cookies\anyuser@cz6.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned. F:\WINDOWS\Cookies\anyuser@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. F:\WINDOWS\Cookies\anyuser@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@counter.cnw[1].txt -> TrackingCookie.Cnw : Cleaned. F:\WINDOWS\Cookies\anyuser@counter.cnw[1].txt -> TrackingCookie.Cnw : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.guardian.co[1].txt -> TrackingCookie.Co : Cleaned. F:\WINDOWS\Cookies\anyuser@ads.guardian.co[2].txt -> TrackingCookie.Co : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@com[2].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@com[2].txt -> TrackingCookie.Com : Cleaned. F:\WINDOWS\Cookies\anyuser@com[1].txt -> TrackingCookie.Com : Cleaned. F:\WINDOWS\Cookies\anyuser@com[3].txt -> TrackingCookie.Com : Cleaned. F:\WINDOWS\Cookies\schenderling@com[1].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@connextra[1].txt -> TrackingCookie.Connextra : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@connextra[2].txt -> TrackingCookie.Connextra : Cleaned. F:\WINDOWS\Cookies\anyuser@connextra[2].txt -> TrackingCookie.Connextra : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned. F:\WINDOWS\Cookies\schenderling@1nl.cqcounter[1].txt -> TrackingCookie.Cqcounter : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@www.frenchcoat.com.0.fb.dbbsrv[2].txt -> TrackingCookie.Dbbsrv : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned. F:\WINDOWS\Cookies\anyuser@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. F:\WINDOWS\Cookies\anyuser@fwd.emerite[1].txt -> TrackingCookie.Emerite : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@cl.enhance[1].txt -> TrackingCookie.Enhance : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@e-2dj6wfmysoc5aep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@e-2dj6wjl4qodjglo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@e-2dj6wjlicpajmdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmiopd5mcqqydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@a-1shz2prbmdj6wvny-1sez2pra2dj6wfkoopazobqa-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wak4sncjsaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wakiagajodo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4coc5alp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4codpkdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4ejczwhp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4emcpgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4endjiko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4eod5ifq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4epdzglp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4gkcpiep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4khdjcgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4kiajeep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4oidpmeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4okd5ggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4omazsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4qhcpicq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4qhd5eap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4skdpogo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4ulcjokq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfk4wkd5cbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkiajazcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkichajkhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkichazkfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkicicjelo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkiehdzeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkiejdzaeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkiepazelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkikgdjabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkikhd5ggp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkiwlcpwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkocgdpifp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkogpc5sco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkogpdjwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkoqldpkgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkosidjibp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkouldzmfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyaoczaeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyclazsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkycmc5shp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyemcpebq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkygkdpoap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyknazsdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkykpdpabq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyqkczikp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyqoajgbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkysgcjsaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkyumcjaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkywgcpaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkywgdzskp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfkywkdjaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4ajd5aeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4cndjsbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4eocpmfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4ghd5igo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4kocjgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4ojd5kcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4okczklo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4oldpsgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4qkczwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4uiazakp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfl4uicpkfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliajczwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliakdzolp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliamcjmep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflichajgco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflieiczcko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliejdpmgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliekazaao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliemcpwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflikmdpmao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliqmazeeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliqpajshq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfliwjdjweo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloamd5who.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflocldzoeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloepazwhq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflogic5abp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflogod5scp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflokmdpseo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflokpcpelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloogcpghp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloopdjmhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloqocjcdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloslajago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfloslazicq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflound5map.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflowgczigp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflowodjggo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflyghazgeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflyklczkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wflyumdjigo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmicpdzgfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmikpcpwbq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmiohcpgbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmiukazsko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmiukdzmdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmiumd5aaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmiuoczieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmiwkdzofq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyckcjagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyckd5slo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyckdjeho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmykidzwbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyoncpwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyqiazmgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyshc5abp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyugdjmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmyuldpsbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wfmywkdjokq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4clcjcep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4eiajidp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4gnajoep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4gpdpabo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4kmc5shp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4uoajkbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgk4wmd5khp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkieicjehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiepdzwlp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiqjd5eep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiqlc5oko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiqlcjsdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiqodjsbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiuiajweo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkiulajoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkoapdjgko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkokgc5mko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkokkazcdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkokld5aao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkoogdjeep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkookazigo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkoqnd5mgo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkowmczmho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkyahdpcho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkyegcjicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkykgdjchp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkykldpmcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgkywjcpekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgl4ckcjglo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgl4glcjeho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgliglc5afo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgloepdzeco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmiagd5sco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmickajwho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmiejd5oap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmikldjeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmispdzgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmiundzshp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmycmczwdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmygkdzolp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmyglcjweo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmyopcjaep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmysjdjscp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wgmyumd5kdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whk4wmcpwko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whkicpdpsgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whkikld5gap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whkiqgcpkco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whkogic5eeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whkowldzmdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whkywkdzaap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whlicoc5cao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6whlokpc5sko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ajdzmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4chdjebo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4gkc5ogo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4kjdjklo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4qlajalo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukc5aaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukc5cfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukc5gdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukcjgao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukcjkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukcjsfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukczslo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ukdzelq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjk4ulazicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjkocnc5oao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjkoqoczibq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjkosod5ifq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjkykpcjoko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjkyqoczwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjkyukdpeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjl4apdjmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjl4ejazefq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjl4qodjglo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjl4sicjehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjl4sid5scq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlicncpagq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlicpazsgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjliqiajclp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlisld5wkp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjliugc5ogp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjliwkcpoap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjloaidpado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlogod5aco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjloklazkeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjloomczefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlosodzoap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlyagdjwcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlyancpwfq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjlyukdjcbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiclczwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmieiazweo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiejdpoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiepazsdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmigmczwgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmigocjolp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmikkazscp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiqnazifp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiqod5mdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiqpcpkfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiupdzskp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmiwhajifq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmychc5glo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmycpdjoho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmykocjofo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmyqicjgco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmyqidpoho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmyqpc5scp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmysmcpsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmysoczigp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjmywodpckp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjny-1jajwh.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjnycjazcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@e-2dj6wjnysmdpcbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkocmc5mdoa2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkyqndzadpaqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyagdjwcqaidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyajcjslpqmdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyqocpscqqudj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmighazmdowudj6x9ny-1seq-2-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@estat[1].txt -> TrackingCookie.Estat : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@www.etracker[1].txt -> TrackingCookie.Etracker : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.etracker[2].txt -> TrackingCookie.Etracker : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@fortunecity[2].txt -> TrackingCookie.Fortunecity : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@goclick[2].txt -> TrackingCookie.Goclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ehg-adversitement.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ehg-kodak.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ehg-yvesrocher.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-adversitement.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-aon.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-deltatre.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-discoverynetwork.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-fifa.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-ifilm.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-mgnlimited.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-nokiafin.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-upcchellomedia.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-vcbs.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-veohnetworksinc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-wssuk.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\anyuser@ehg-dig.hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\anyuser@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\anyuser@hg1.hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\anyuser@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\anyuser@phg.hitbox[4].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\schenderling@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. F:\WINDOWS\Cookies\schenderling@ads06.hyperbanner[2].txt -> TrackingCookie.Hyperbanner : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned. F:\WINDOWS\Cookies\anyuser@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned. F:\WINDOWS\Cookies\anyuser@hypertracker[2].txt -> TrackingCookie.Hypertracker : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@idot[1].txt -> TrackingCookie.Idot : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@idot[1].txt -> TrackingCookie.Idot : Cleaned. F:\WINDOWS\Cookies\anyuser@idot[1].txt -> TrackingCookie.Idot : Cleaned. F:\WINDOWS\Cookies\schenderling@idot[1].txt -> TrackingCookie.Idot : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@searchportal.information[2].txt -> TrackingCookie.Information : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned. F:\WINDOWS\Cookies\anyuser@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned. F:\WINDOWS\Cookies\anyuser@ilead.itrack[2].txt -> TrackingCookie.Itrack : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@komtrack[2].txt -> TrackingCookie.Komtrack : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@linkbuddies[1].txt -> TrackingCookie.Linkbuddies : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@search.live[1].txt -> TrackingCookie.Live : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.lop[2].txt -> TrackingCookie.Lop : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@search.msn[1].txt -> TrackingCookie.Msn : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ie.search.msn[1].txt -> TrackingCookie.Msn : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@search.msn[2].txt -> TrackingCookie.Msn : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ie.search.msn[1].txt -> TrackingCookie.Msn : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@search.msn[3].txt -> TrackingCookie.Msn : Cleaned. F:\WINDOWS\Cookies\anyuser@search.msn[3].txt -> TrackingCookie.Msn : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned. F:\WINDOWS\Cookies\anyuser@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned. F:\WINDOWS\Cookies\anyuser@www.myaffiliateprogram[3].txt -> TrackingCookie.Myaffiliateprogram : Cleaned. F:\WINDOWS\Cookies\anyuser@www.myaffiliateprogram[4].txt -> TrackingCookie.Myaffiliateprogram : Cleaned. F:\WINDOWS\Cookies\schenderling@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@navrcholu[2].txt -> TrackingCookie.Navrcholu : Cleaned. F:\WINDOWS\Cookies\anyuser@navrcholu[1].txt -> TrackingCookie.Navrcholu : Cleaned. F:\WINDOWS\Cookies\anyuser@navrcholu[2].txt -> TrackingCookie.Navrcholu : Cleaned. F:\WINDOWS\Cookies\schenderling@navrcholu[2].txt -> TrackingCookie.Navrcholu : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@oewabox[2].txt -> TrackingCookie.Oewabox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@orf.oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@sportat.oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@tiscover.oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned. F:\WINDOWS\Cookies\anyuser@austria.oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned. F:\WINDOWS\Cookies\anyuser@austria.oewabox[2].txt -> TrackingCookie.Oewabox : Cleaned. F:\WINDOWS\Cookies\anyuser@tiscover.oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned. F:\WINDOWS\Cookies\anyuser@tiscover.oewabox[2].txt -> TrackingCookie.Oewabox : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@stat.onestat[1].txt -> TrackingCookie.Onestat : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@overture[1].txt -> TrackingCookie.Overture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@rc23.overture[2].txt -> TrackingCookie.Overture : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@overture[1].txt -> TrackingCookie.Overture : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned. F:\WINDOWS\Cookies\anyuser@oxcash[2].txt -> TrackingCookie.Oxcash : Cleaned. F:\WINDOWS\Cookies\anyuser@oxcash[3].txt -> TrackingCookie.Oxcash : Cleaned. F:\WINDOWS\Cookies\schenderling@oxcash[2].txt -> TrackingCookie.Oxcash : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.paypal[2].txt -> TrackingCookie.Paypal : Cleaned. F:\WINDOWS\Cookies\anyuser@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned. F:\WINDOWS\Cookies\anyuser@www.paypal[2].txt -> TrackingCookie.Paypal : Cleaned. F:\WINDOWS\Cookies\schenderling@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned. F:\WINDOWS\Cookies\anyuser@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Cleaned. F:\WINDOWS\Cookies\schenderling@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads-205.quarterserver[2].txt -> TrackingCookie.Quarterserver : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@realguide.real[2].txt -> TrackingCookie.Real : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.real[1].txt -> TrackingCookie.Real : Cleaned. F:\WINDOWS\Cookies\anyuser@realguide.real[2].txt -> TrackingCookie.Real : Cleaned. F:\WINDOWS\Cookies\anyuser@realguide.real[3].txt -> TrackingCookie.Real : Cleaned. F:\WINDOWS\Cookies\anyuser@www.real[1].txt -> TrackingCookie.Real : Cleaned. F:\WINDOWS\Cookies\schenderling@realguide.real[1].txt -> TrackingCookie.Real : Cleaned. F:\WINDOWS\Cookies\schenderling@www.real[2].txt -> TrackingCookie.Real : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@network.realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@talkcity.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@web4.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@revenue[2].txt -> TrackingCookie.Revenue : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@revenue[2].txt -> TrackingCookie.Revenue : Cleaned. C:\Documents and Settings\ Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Vervolg Ellen\Cookies\ellen@revsci[2].txt -> TrackingCookie.Revsci : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@revsci[1].txt -> TrackingCookie.Revsci : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@www.sidefind[1].txt -> TrackingCookie.Sidefind : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@news.skype[1].txt -> TrackingCookie.Skype : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@spylog[1].txt -> TrackingCookie.Spylog : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@starware[2].txt -> TrackingCookie.Starware : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@tfag[2].txt -> TrackingCookie.Tfag : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@tfag[2].txt -> TrackingCookie.Tfag : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@a.total-media[2].txt -> TrackingCookie.Total-media : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned. F:\WINDOWS\Cookies\anyuser@ads.trafficvenue[1].txt -> TrackingCookie.Trafficvenue : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@weborama[2].txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@weborama[1].txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@yadro[2].txt -> TrackingCookie.Yadro : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@yadro[2].txt -> TrackingCookie.Yadro : Cleaned. F:\WINDOWS\Cookies\anyuser@yadro[2].txt -> TrackingCookie.Yadro : Cleaned. F:\WINDOWS\Cookies\anyuser@yadro[3].txt -> TrackingCookie.Yadro : Cleaned. F:\WINDOWS\Cookies\schenderling@yadro[2].txt -> TrackingCookie.Yadro : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Elize\Cookies\elize@www.ysbweb[2].txt -> TrackingCookie.Ysbweb : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@www.ysbweb[1].txt -> TrackingCookie.Ysbweb : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@zedo[1].txt -> TrackingCookie.Zedo : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@zedo[1].txt -> TrackingCookie.Zedo : Cleaned. F:\Mijn documenten\Mijn ontvangen bestanden\kisses(1).exe -> Trojan.Delf.tm : Cleaned. C:\Documents and Settings\Piet\Piet\Cylonix_18_Channel_Vocoder_2[1].0.zip/patch.exe -> Trojan.Proxcrak.A : Cleaned. C:\Documents and Settings\Piet\Piet\cylonix\patch.exe -> Trojan.Proxcrak.A : Cleaned. ::Report end Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Hmm meerdere gebruikers zie ik. verwijder deze map C:\[b:a68ef81ef0]QooBox[/b:a68ef81ef0] Mag ik van [b:a68ef81ef0]elke[/b:a68ef81ef0] account een Hijackthis logje zien aub Piet Ellen anyuser Elize Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Anyuser kan ik niet vinden [b:1757da6e60]HijackthisPiet[/b:1757da6e60] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:40:53, on 23-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Creative\TaskBar\CTLTray.exe C:\Program Files\Creative\TaskBar\CTLTask.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Documents and Settings\Piet\Application Data\SopCast\adv\SopAdver.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBAudigy\PlayCenter2\CTNMRun.exe" O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe" O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Elize') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1005\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Elize') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Ellen') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - S-1-5-21-583907252-706699826-682003330-1005 Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe (User 'Elize') O4 - S-1-5-21-583907252-706699826-682003330-1005 User Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe (User 'Elize') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 13610 bytes [b:1757da6e60]HijackthisEllen[/b:1757da6e60] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:31:50, on 23-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Piet') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk846YYNL O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 13876 bytes [b:1757da6e60]HijackthisElize[/b:1757da6e60] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:38:34, on 23-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Ellen') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 13690 bytes Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Hallo, allereerst een pluim voor het volhouden. Logje Piet, Schoon genoeg, Logje Ellen (log dus in onder acount Ellen) Voer de volgende acties eerst uit: Klik op Start -> (Settings) -> Configuratiescherm -> Software en verwijder het volgende programma: [b:0c55fd9944]My Web Search My Web Speedbar WebSearch Tools Search Assistant - My Way [/b:0c55fd9944] Start opnieuw op (onder Ellen) Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:0c55fd9944] R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk846YYNL [/b:0c55fd9944] Klik op 'Fix checked' om de items te verwijderen. Open de verkenner ("Mijn Computer") en kies [b:0c55fd9944]Extra[/b:0c55fd9944] -> [b:0c55fd9944]Mapopties...[/b:0c55fd9944] Controleer onder [b:0c55fd9944]Weergave[/b:0c55fd9944] de volgende instellingen: Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen) Uitzetten: Extensies voor bekende bestandstypen verbergen Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP) Selecteer: Verborgen bestanden en mappen weergeven Verwijder de volgende directories: C:\PROGRA~1\MYWEBS~1\bar\[b:0c55fd9944]3.bin[/b:0c55fd9944]\ Logje Elize Log dus in onder deze naam Voer de volgende acties eerst uit: Klik op Start -> (Settings) -> Configuratiescherm -> Software en verwijder het volgende programma: [b:0c55fd9944]AdDestroyer [/b:0c55fd9944] Start opnieuw op onder deze naam. Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:0c55fd9944] R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll [/b:0c55fd9944] Klik op 'Fix checked' om de items te verwijderen. Open de verkenner ("Mijn Computer") en kies [b:0c55fd9944]Extra[/b:0c55fd9944] -> [b:0c55fd9944]Mapopties...[/b:0c55fd9944] Controleer onder [b:0c55fd9944]Weergave[/b:0c55fd9944] de volgende instellingen: Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen) Uitzetten: Extensies voor bekende bestandstypen verbergen Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP) Selecteer: Verborgen bestanden en mappen weergeven Verwijder de volgende directories: C:\Program Files\[b:0c55fd9944]AdDestroyer[/b:0c55fd9944]\ Start opnieuw op en plaats van Ellen En Elize een nieuw HJT logje aub. Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Wie zijn billen brandt... Al heb ik wel een moment gehad, dat ik de PC het raam uit wilde gooien, maar ik ben allang blij, dat je me nog steeds wilt helpen. My Web Search My Web Speedbar WebSearch Tools Search Assistant - My Way AdDestroyer komen niet voor in de lijst met software of zijn te vinden met de verkenner. Hier het HJL van Ellen Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:29:19, on 23-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Elize') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1005\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Elize') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 13064 bytes Het logje van Elize Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:26:22, on 23-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\MSN Messenger\usnsvc.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.nl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 12673 bytes Quote Link naar reactie
0 anoniem Geplaatst: 23 september 2007 Auteur Delen Geplaatst: 23 september 2007 Account Ellen. Download en installeer [url=http://www.ewido.net/en/download/][b:786b97f0ec][color=blue:786b97f0ec]AVG Anti-Spyware 7.5[/color:786b97f0ec][/b:786b97f0ec][/url] [list:786b97f0ec] [*:786b97f0ec]Scroll iets naar beneden, klik “download now” en sla het programma op. [*:786b97f0ec]Klik tweemaal “uitvoeren” en selecteer een taal. [*:786b97f0ec]Doorloop enkele vensters en klik op “installeren”. [*:786b97f0ec]Als het niet automatisch gebeurt klik je op “updates” [*:786b97f0ec]Selecteer[b:786b97f0ec] "Scanner"[/b:786b97f0ec] bovenin het scherm en selecteer dan[b:786b97f0ec] "Settings"[/b:786b97f0ec] [*:786b97f0ec]Eenmaal in het Settings gedeelte klik je [b:786b97f0ec]"Recommended actions"[/b:786b97f0ec] en vervolgens [b:786b97f0ec]"Quarantine"[/b:786b97f0ec] [*:786b97f0ec]Sluit Ewido. Laat het nog [b:786b97f0ec]niet[/b:786b97f0ec] scannen [/list:u:786b97f0ec] Start nu je computer op in [b:786b97f0ec]VEILIGE mode[/b:786b97f0ec] Start AVG Anti-Spyware, (er is een icon op je desktop[list:786b97f0ec] [*:786b97f0ec]klik op [b:786b97f0ec]Scanner[/b:786b97f0ec] [*:786b97f0ec]Klik op [b:786b97f0ec]Complete System Scan[/b:786b97f0ec] [*:786b97f0ec]Laat het programma je pc scannen, dit kan even duren. [*:786b97f0ec]Als er geïnfecteerde bestanden zijn gevonden, klik dan op "[b:786b97f0ec]Apply all actions[/b:786b97f0ec]" Daarna zal je een knop zien [b:786b97f0ec]Save report[/b:786b97f0ec] [*:786b97f0ec]Klik op [b:786b97f0ec]Save Report[/b:786b97f0ec] [*:786b97f0ec]Klik daarna op [b:786b97f0ec]Save Report as[/b:786b97f0ec] en bewaar het rapport op op je bureaublad. [*:786b97f0ec]Sluit AVG Anti-spyware af en herstart de computer in normale mode.[/list:u:786b97f0ec] [b:786b97f0ec]Post het log tesamen met een nieuw hijackthis log.[/b:786b97f0ec] Account Elize Ga naar Start > Uitvoeren en typ (of kopiëer en plak) : [b:786b97f0ec]sc delete ccEvtMgr[/b:786b97f0ec] Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:786b97f0ec] O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - - (file missing) [/b:786b97f0ec] Klik op 'Fix checked' om de items te verwijderen. vertel eens hoe het nu gaat. Quote Link naar reactie
0 anoniem Geplaatst: 24 september 2007 Auteur Delen Geplaatst: 24 september 2007 Ik kreeg vanmorgen nog een mail retour. --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 12:58:24 24-9-2007 + Scan result: HKU\S-1-5-21-583907252-706699826-682003330-1006\Software\LocalNRD -> Adware.BetterInternet : Cleaned. C:\Documents and Settings\Elize\Menu Start\Programma's\Power Scan -> Adware.PowerScan : Cleaned. F:\Program Files\Messenger Plus! 2\Setup.dat/70000010.exe -> Downloader.Swizzor.g : Cleaned. C:\Documents and Settings\Piet\Application Data\Sun\Java\Deployment\cache\6.0\8\181f08c8-4a6fc3f7/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned. C:\Documents and Settings\Piet\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-75c822bf-12bcab4e.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@adtech[2].txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@revsci[2].txt -> TrackingCookie.Revsci : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Ellen\Cookies\ellen@weborama[1].txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@weborama[1].txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Piet\Cookies\piet@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Piet\Piet\Cylonix_18_Channel_Vocoder_2[1].0.zip/patch.exe -> Trojan.Proxcrak.A : Cleaned. ::Report end Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:17:32, on 24-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Elize') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 13572 bytes Quote Link naar reactie
0 anoniem Geplaatst: 24 september 2007 Auteur Delen Geplaatst: 24 september 2007 zelfde gebruiker als laatste logje. Open een leeg kladblokscherm en plak daar de onderstaande tekst in: [code:1:65126df340] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}] [/code:1:65126df340] Sla het op je bureaublad op als fixreg.reg met als type alle bestanden Dubbelklik het bestand en klik op de vraag of je aan het register wil toevoegen op JA Quote Link naar reactie
0 anoniem Geplaatst: 24 september 2007 Auteur Delen Geplaatst: 24 september 2007 Is gebeurd, en nu? Quote Link naar reactie
0 anoniem Geplaatst: 24 september 2007 Auteur Delen Geplaatst: 24 september 2007 een nieuw logje van HJT van die gebruiker zou welkom zijn :D Quote Link naar reactie
0 anoniem Geplaatst: 24 september 2007 Auteur Delen Geplaatst: 24 september 2007 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:39:41, on 24-9-2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCLauncher.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1003\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Piet') O4 - HKUS\S-1-5-21-583907252-706699826-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Elize') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user') O4 - Global Startup: Adapter Utility.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office2\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.zugmap.ch/richtplan3d/pages/plugin/gvista30161.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://pub.plan.at/mgaxctrlde.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab O16 - DPF: {AE4CEC9D-C836-4579-829B-4C345101B3B9} (GVista Terrain Renderer) - http://www.dilas.ch/plugin/gvista/gvista2709.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/15008/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{19BF5DB9-1774-415A-9F9E-CBAD99D3FB20}: NameServer = 62.108.1.67,212.142.26.68 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Routing Protect Access (DATEING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Digital Media Adapter Application Loader Service (XWPCApplicationLoaderService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCApplicationLoaderService.exe O23 - Service: Digital Media Adapter Host Service (XWPCHostService) - Linksys Corporation - C:\Program Files\Linksys Wireless-B Media Adapter\bin\XWPCHostService.exe -- End of file - 13361 bytes Quote Link naar reactie
0 anoniem Geplaatst: 24 september 2007 Auteur Delen Geplaatst: 24 september 2007 ziet er goed uit, kan je nu al je windows updaten??????? Quote Link naar reactie
Vraag
anoniem
Link naar reactie
Beste reacties voor deze vraag
69
Populaire dagen
21 sep
12
20 sep
9
23 sep
8
22 sep
7
Beste reacties voor deze vraag
anoniem 69 berichten
Populaire dagen
21 sep 2007
12 berichten
20 sep 2007
9 berichten
23 sep 2007
8 berichten
22 sep 2007
7 berichten
68 antwoorden op deze vraag
Aanbevolen berichten
Om een reactie te plaatsen, moet je eerst inloggen