Archief - kan iemand mijn hijackthis checke ?

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
T

Th3 aLmIgHtY

Legacy Member
kan iemand hem checke ? thx!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Msn plus\MsgPlus.exe
E:\Program Files\Software\Microsoft Antispyware\gcasServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\Program Files\Software\Logitech MX 510\MouseWare\system\em_exec.exe
E:\Program Files\Software\Microsoft Antispyware\gcasDtServ.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\PROGRA~1\Software\NORTON~2\NORTON~4\GHOSTS~2.EXE
E:\Program Files\Software\Norton SystemWorks 2004 Pro\Norton Antivirus\navapsvc.exe
C:\Program Files\ASUS\Probe\ASUSPROB.EXE
E:\PROGRA~1\Software\NORTON~2\NORTON~3\NPROTECT.EXE
E:\Program Files\Software\Norton SystemWorks 2004 Pro\Norton Antivirus\SAVScan.exe
E:\PROGRA~1\Software\NORTON~2\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Stuff\Daemon Tools\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\WISPTIS.EXE
E:\Program Files\Stuff\Adobe Reader\Reader\AcroRd32.exe
C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\Stuff\WinAce\WinAce.exe
C:\DOCUME~1\Guido\LOCALS~1\Temp\~AceTemp\hijackthis[1]\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zwepzmtpvkxptrcdrexqzgsx...IDNuDdclBj5NVm44YUKYzlKsu1UQ5N81l5RVrpgn.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/FirstEnter/Portal/portal.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Stuff\Adobe Reader\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\Software\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Software\Norton SystemWorks 2004 Pro\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Software\Norton SystemWorks 2004 Pro\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Msn plus\MsgPlus.exe"
O4 - HKLM\..\Run: [gcasServ] "E:\Program Files\Software\Microsoft Antispyware\gcasServ.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Msn plus\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] E:\Program Files\Software\Logitech MX 510\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Defy bait] C:\DOCUME~1\Guido\APPLIC~1\JOYOOZ~1\MfcdRoam.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Probe V2.21.03.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\Software\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\Software\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{079E9E54-E713-4A1B-8651-2777D841518C}: NameServer = 209.47.15.118,64.157.143.38,
O17 - HKLM\System\CS1\Services\Tcpip\..\{079E9E54-E713-4A1B-8651-2777D841518C}: NameServer = 209.47.15.118,64.157.143.38,
O17 - HKLM\System\CS2\Services\Tcpip\..\{079E9E54-E713-4A1B-8651-2777D841518C}: NameServer = 209.47.15.118,64.157.143.38,
O20 - Winlogon Notify: WB - E:\PROGRA~1\Stuff\WINDOW~1\fastload.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Fix-It Task Manager - Unknown owner - E:\PROGRA~1\Stuff\VCOMFI~1\mxtask.exe (file missing)
O23 - Service: GhostStartService - Symantec Corporation - E:\PROGRA~1\Software\NORTON~2\NORTON~4\GHOSTS~2.EXE
O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - E:\Program Files\Software\Norton SystemWorks 2004 Pro\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - E:\PROGRA~1\Software\NORTON~2\NORTON~3\NPROTECT.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: SAVScan - Symantec Corporation - E:\Program Files\Software\Norton SystemWorks 2004 Pro\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - E:\PROGRA~1\Software\NORTON~2\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Klik om te vergroten...
E

Exit

Legacy Member
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zwepzmtpvkxptrcdrexqzgsx...81l5RVrpgn.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/FirstEnter/Portal/portal.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O4 - HKCU\..\Run: [Defy bait] C:\DOCUME~1\Guido\APPLIC~1\JOYOOZ~1\MfcdRoam.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab

O20 - Winlogon Notify: WB - E:\PROGRA~1\Stuff\WINDOW~1\fastload.dll **strange**

welke dns klopt?
O17 - HKLM\System\CCS\Services\Tcpip\..\{079E9E54-E713-4A1B-8651-2777D841518C}: NameServer = 209.47.15.118,64.157.143.38,
O17 - HKLM\System\CS1\Services\Tcpip\..\{079E9E54-E713-4A1B-8651-2777D841518C}: NameServer = 209.47.15.118,64.157.143.38,
O17 - HKLM\System\CS2\Services\Tcpip\..\{079E9E54-E713-4A1B-8651-2777D841518C}: NameServer = 209.47.15.118,64.157.143.38,
O23 - Service: Fix-It Task Manager - Unknown owner - E:\PROGRA~1\Stuff\VCOMFI~1\mxtask.exe (file missing)
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan