Du-toube
Legacy Member
Hallo
Enkele dagen was mijn pc suuupertraag.
Cpu stond constant op 100%.
Ik heb dan eens een system restore gedaan, en dat was verholpen.
Maar er zijn nog enkele problemen:
als ik op start klik, ( links beneden) kan ik niets selecteren bij 'all programs'.
Ik kan wel klikken op mijn computer, of controlepaneel etc.
Maar als ik op 'all programs" ga, zie ik de lijst maar kan ik niets selecteren ( de muis wijst op iets, maar er verandert niets, en kan op niets klikken om het te starten )
Ook heb ik bij mijn processes bij task manager, enkele bestanden dat altijd terugkomen als ik ze sluit.
Ze hebben altijd verschillende nummers
( momenteel: 194043, 166180 en 552551 draaien )
Misschien kunnen jullie me helpen?
Alvast mijn hijacklog file en bedankt
------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:50, on 30/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\taskmagr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\System.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Nguyen\LOCALS~1\Temp\166180
C:\DOCUME~1\Nguyen\LOCALS~1\Temp\194043
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 127.0.0.2 ymsdasdw1.cn
O1 - Hosts: 127.0.0.3 h96b.info
O1 - Hosts: 127.0.0.0 fuck.zttwp.cn
O1 - Hosts: 127.0.0.0 :::ÌìÌìÍâ¹ÒÍø::: www.WaiGua365.com »¶ÓµÇ½ www.WaiGua365.com
O1 - Hosts: 127.0.0.0 ww.popdm.cn
O1 - Hosts: 127.1.1.1 bbt.etimes888.com
O1 - Hosts: 127.1.1.1 219.147.13.53
O1 - Hosts: 127.1.1.1 l.neter888.cn
O1 - Hosts: 127.1.1.1 stat.untang.com
O1 - Hosts: 127.1.1.1 www.ikdy.cn
O1 - Hosts: 127.0.0.0 geekbyfeng.cn
O1 - Hosts: 127.0.0.0 121.14.101.68
O1 - Hosts: 127.0.0.0 ppp.etimes888.com
O1 - Hosts: 127.0.0.0 www.bypk.com
O1 - Hosts: 127.0.0.0 CSC3-2004-crl.verisign.com
O1 - Hosts: 127.0.0.0 udp.hjob123.com
O1 - Hosts: 127.1.1.1 999.hfdy2828.com
O1 - Hosts: 127.1.1.1 www.hfdy2929.com
O1 - Hosts: 127.1.1.1 www.xiazaide1.cn
O1 - Hosts: 127.1.1.1 www.vuf51579.cn
O1 - Hosts: 127.1.1.1 wm.eo2q.cn
O1 - Hosts: 127.1.1.1 d.www-263.com
O1 - Hosts: 127.1.1.1 www.ssy1688.cn
O1 - Hosts: 127.1.1.1 121.12.173.218
O1 - Hosts: 127.1.1.1 qq.18i16.net
O1 - Hosts: 127.1.1.1 a.baidu-6661.com
O1 - Hosts: 127.1.1.1 www.vuf51579.cn
O1 - Hosts: 127.1.1.1 www.1079223105.cn
O1 - Hosts: 127.1.1.1 home.xzx6.cn
O1 - Hosts: 127.1.1.1 top.fgc3.cn
O1 - Hosts: 127.1.1.1 165.246.44.228
O1 - Hosts: 127.1.1.1 wwww.ttfafa.com
O1 - Hosts: 127.1.1.1 pa.tt-09.com
O1 - Hosts: 127.0.0.2 bnasnd83nd.cn
O1 - Hosts: 127.0.0.0 www.gamehacker.com.cn
O1 - Hosts: 127.0.0.0 gamehacker.com.cn
O1 - Hosts: 127.1.1.1 ½¨ÉèÖÐ
O1 - Hosts: 127.1.1.1 222.73.208.141
O1 - Hosts: 127.0.0.3 adlaji.cn
O1 - Hosts: 127.1.1.1 aiyyw.com
O1 - Hosts: 127.1.1.1 bnasnd83nd.cn
O1 - Hosts: 127.0.0.0 user1.12-27.net
O1 - Hosts: 127.0.0.0 fengent.cn
O1 - Hosts: 127.0.0.0 www.sony888.cn
O1 - Hosts: 127.0.0.0 user1.asp-33.cn
O1 - Hosts: 127.0.0.0 www.netkwek.cn
O1 - Hosts: 127.0.0.0 ymsdkad6.cn
O1 - Hosts: 127.0.0.0 www.lkwueir.cn
O1 - Hosts: 127.0.1.1 user1.23-17.net
O1 - Hosts: 127.0.0.0 upa.luzhiai.net
O1 - Hosts: 127.0.0.0 www.guccia.net
O1 - Hosts: 127.0.0.0 4m9mnlmi.cn
O1 - Hosts: 127.0.0.0 mm119mkssd.cn
O1 - Hosts: 127.0.0.0 61.128.171.115:8080
O1 - Hosts: 127.0.0.0 ½¨ÉèÖÐ
O1 - Hosts: 127.0.0.0 win.nihao69.cn
O1 - Hosts: 127.0.0.0 puc.lianxiac.net
O1 - Hosts: 127.0.0.0 pud.lianxiac.net
O1 - Hosts: 127.0.0.0 210.76.0.133
O1 - Hosts: 127.0.0.0 61.166.32.2
O1 - Hosts: 127.0.0.0 218.92.186.27
O1 - Hosts: 127.0.0.0 www.fsfsfag.cn
O1 - Hosts: 127.0.0.0 ovo.ovovov.cn
O1 - Hosts: 127.0.0.0 dw.com.com
O1 - Hosts: 127.0.0.0 t.myblank.cn
O1 - Hosts: 127.0.0.0 x.myblank.cn
O1 - Hosts: 127.0.0.0 qq-xing.com.cn
O1 - Hosts: 127.0.0.0 59.125.231.177:17777
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: msvbcr40 Class - {2756BAD7-2F9F-47ef-AE6D-8D39CCEB396F} - C:\WINDOWS\system32\msvbcr40.dll
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7D182ECE-BFD3-4482-902F-035F4CE9A3C4} - C:\Program Files\Internet Explorer\ftsKetNt.7ps
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Skype Control Class - {9018F6A8-2495-45DF-9F16-C738F8F3C8FF} - C:\WINDOWS\system32\SkypeComm.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {EF8EFC85-0038-479B-BB0E-B0A52A15CECA} - C:\Program Files\Internet Explorer\SysKetNt.Sys
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HBService32] System.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKLM\..\Policies\Explorer\Run: [nwiz] alien32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Alcatel Speedtouch Connection (2).lnk = C:\Program Files\Alcatel\SpeedTouch USB\STDialUp.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Nguyen\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://liezj1987.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{465DA6C4-6D5C-4F0D-8DE4-5D48525FABFB}: NameServer = 195.238.2.21 195.238.2.22
O20 - AppInit_DLLs: HBmhly.dllHBXY2.dllHBJXSJ.dllHBSHQ.dllHBWULIN2.dllHBW2I.dllHBKDXY.dllHBASKTAO.dllHBZHUXIAN.dllHBWOW.dllHBCHIBI.dllHBTW2.dllHBWD.dllHBZG.dllHBXMJ.dllDDEE51F5.dll4FC21891.dll,6EDCDE33.dll,F75F0F2C.dll,F232B3DD.dll,EC9630EB.dll,7243154B.dll,F2FC9D59.dll,159618C4.dll,C8A53922.dll,E0ACEE5E.dll,E2993CD3.dll,5C6D2558.dll,31A3B66D.dll,F3A1DFD5.dll,FE8B1EDD.dll,47CF8F38.dll,E63F51B7.dll,FC192B38.dll,7E4296D6.dll,C60CBF1A.dll,7044AB41.dll,B0CD19AD.dll,A47298E3.dll,139B8D72.dll
O21 - SSODL: DDEE51F5 - {DDEE51F5-94F8-417E-8482-2B089CE2F732} - C:\WINDOWS\system32\DDEE51F5.dll
O21 - SSODL: 4FC21891 - {4FC21891-B9B6-422A-ADDF-C68333FD4B0B} - C:\WINDOWS\system32\4FC21891.dll
O21 - SSODL: 6EDCDE33 - {6EDCDE33-671C-4E16-8BE1-6CAAEAC1F7B0} - C:\WINDOWS\system32\6EDCDE33.dll
O21 - SSODL: F75F0F2C - {F75F0F2C-3915-42C5-A2B0-DC67D5E1F002} - C:\WINDOWS\system32\F75F0F2C.dll
O21 - SSODL: F232B3DD - {F232B3DD-3A70-4517-8C9F-1D857FA5BD50} - C:\WINDOWS\system32\F232B3DD.dll
O21 - SSODL: EC9630EB - {EC9630EB-C001-42E3-AE10-2F3B6D087230} - C:\WINDOWS\system32\EC9630EB.dll
O21 - SSODL: 7243154B - {7243154B-6CE8-434D-BD99-961302942DA1} - C:\WINDOWS\system32\7243154B.dll
O21 - SSODL: F2FC9D59 - {F2FC9D59-7D13-48EC-A146-DE7BE915F89A} - C:\WINDOWS\system32\F2FC9D59.dll
O21 - SSODL: 159618C4 - {159618C4-D230-4E8C-A7B4-C1FBA3A83A9B} - C:\WINDOWS\system32\159618C4.dll
O21 - SSODL: C8A53922 - {C8A53922-BE24-4621-B77A-8D97C371B543} - C:\WINDOWS\system32\C8A53922.dll
O21 - SSODL: E0ACEE5E - {E0ACEE5E-4850-4ABF-AF5C-44710093FC26} - C:\WINDOWS\system32\E0ACEE5E.dll
O21 - SSODL: E2993CD3 - {E2993CD3-6506-4842-A390-97D4D8A08BF2} - C:\W”ý (file missing)
O21 - SSODL: 5C6D2558 - {5C6D2558-CBF7-4762-903E-BF786CE993CF} - C:\WINDOWS\system32\5C6D2558.dll
O21 - SSODL: 31A3B66D - {31A3B66D-C0CC-4122-A105-8F51F5EDB4DC} - C:\WINDOWS\system32\31A3B66D.dll
O21 - SSODL: F3A1DFD5 - {F3A1DFD5-8362-4B60-991F-DB612A12C447} - C:\WINDOWS\system32\F3A1DFD5.dll
O21 - SSODL: FE8B1EDD - {FE8B1EDD-9A68-49D4-A010-A10195EDADDF} - C:\WINDOWS\system32\FE8B1EDD.dll
O21 - SSODL: 47CF8F38 - {47CF8F38-19EA-4CE9-AC96-980AD2A97620} - C:\WINDOWS\system32\47CF8F38.dll
O21 - SSODL: E63F51B7 - {E63F51B7-0064-4D6C-A71B-507B64192E01} - C:\WINDOWS\system32\E63F51B7.dll
O21 - SSODL: FC192B38 - {FC192B38-9F74-4871-86E6-DFBD508A4D2D} - C:\WINDOWS\system32\FC192B38.dll
O21 - SSODL: 7E4296D6 - {7E4296D6-9A8C-4125-8CD0-84B7E5DD59E6} - C:\WINDOWS\system32\7E4296D6.dll
O21 - SSODL: C60CBF1A - {C60CBF1A-FAED-4E01-A38B-D13D398BF38E} - C:\WINDOWS\system32\C60CBF1A.dll
O21 - SSODL: 7044AB41 - {7044AB41-F524-416D-99F8-C8F1B1BA6833} - C:\WINDOWS\system32\7044AB41.dll
O21 - SSODL: B0CD19AD - {B0CD19AD-924D-4348-B9E6-18745AA6D8C9} - C:\WINDOWS\system32\B0CD19AD.dll
O21 - SSODL: A47298E3 - {A47298E3-8A65-497B-B802-8A53A93492E9} - C:\WINDOWS\system32\A47298E3.dll
O21 - SSODL: 139B8D72 - {139B8D72-13F4-46EB-8B13-E5C80E22F43D} - C:\WINDOWS\system32\139B8D72.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 13040 bytes
Enkele dagen was mijn pc suuupertraag.
Cpu stond constant op 100%.
Ik heb dan eens een system restore gedaan, en dat was verholpen.
Maar er zijn nog enkele problemen:
als ik op start klik, ( links beneden) kan ik niets selecteren bij 'all programs'.
Ik kan wel klikken op mijn computer, of controlepaneel etc.
Maar als ik op 'all programs" ga, zie ik de lijst maar kan ik niets selecteren ( de muis wijst op iets, maar er verandert niets, en kan op niets klikken om het te starten )
Ook heb ik bij mijn processes bij task manager, enkele bestanden dat altijd terugkomen als ik ze sluit.
Ze hebben altijd verschillende nummers
( momenteel: 194043, 166180 en 552551 draaien )
Misschien kunnen jullie me helpen?
Alvast mijn hijacklog file en bedankt
------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:50, on 30/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\taskmagr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\System.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Nguyen\LOCALS~1\Temp\166180
C:\DOCUME~1\Nguyen\LOCALS~1\Temp\194043
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 127.0.0.2 ymsdasdw1.cn
O1 - Hosts: 127.0.0.3 h96b.info
O1 - Hosts: 127.0.0.0 fuck.zttwp.cn
O1 - Hosts: 127.0.0.0 :::ÌìÌìÍâ¹ÒÍø::: www.WaiGua365.com »¶ÓµÇ½ www.WaiGua365.com
O1 - Hosts: 127.0.0.0 ww.popdm.cn
O1 - Hosts: 127.1.1.1 bbt.etimes888.com
O1 - Hosts: 127.1.1.1 219.147.13.53
O1 - Hosts: 127.1.1.1 l.neter888.cn
O1 - Hosts: 127.1.1.1 stat.untang.com
O1 - Hosts: 127.1.1.1 www.ikdy.cn
O1 - Hosts: 127.0.0.0 geekbyfeng.cn
O1 - Hosts: 127.0.0.0 121.14.101.68
O1 - Hosts: 127.0.0.0 ppp.etimes888.com
O1 - Hosts: 127.0.0.0 www.bypk.com
O1 - Hosts: 127.0.0.0 CSC3-2004-crl.verisign.com
O1 - Hosts: 127.0.0.0 udp.hjob123.com
O1 - Hosts: 127.1.1.1 999.hfdy2828.com
O1 - Hosts: 127.1.1.1 www.hfdy2929.com
O1 - Hosts: 127.1.1.1 www.xiazaide1.cn
O1 - Hosts: 127.1.1.1 www.vuf51579.cn
O1 - Hosts: 127.1.1.1 wm.eo2q.cn
O1 - Hosts: 127.1.1.1 d.www-263.com
O1 - Hosts: 127.1.1.1 www.ssy1688.cn
O1 - Hosts: 127.1.1.1 121.12.173.218
O1 - Hosts: 127.1.1.1 qq.18i16.net
O1 - Hosts: 127.1.1.1 a.baidu-6661.com
O1 - Hosts: 127.1.1.1 www.vuf51579.cn
O1 - Hosts: 127.1.1.1 www.1079223105.cn
O1 - Hosts: 127.1.1.1 home.xzx6.cn
O1 - Hosts: 127.1.1.1 top.fgc3.cn
O1 - Hosts: 127.1.1.1 165.246.44.228
O1 - Hosts: 127.1.1.1 wwww.ttfafa.com
O1 - Hosts: 127.1.1.1 pa.tt-09.com
O1 - Hosts: 127.0.0.2 bnasnd83nd.cn
O1 - Hosts: 127.0.0.0 www.gamehacker.com.cn
O1 - Hosts: 127.0.0.0 gamehacker.com.cn
O1 - Hosts: 127.1.1.1 ½¨ÉèÖÐ
O1 - Hosts: 127.1.1.1 222.73.208.141
O1 - Hosts: 127.0.0.3 adlaji.cn
O1 - Hosts: 127.1.1.1 aiyyw.com
O1 - Hosts: 127.1.1.1 bnasnd83nd.cn
O1 - Hosts: 127.0.0.0 user1.12-27.net
O1 - Hosts: 127.0.0.0 fengent.cn
O1 - Hosts: 127.0.0.0 www.sony888.cn
O1 - Hosts: 127.0.0.0 user1.asp-33.cn
O1 - Hosts: 127.0.0.0 www.netkwek.cn
O1 - Hosts: 127.0.0.0 ymsdkad6.cn
O1 - Hosts: 127.0.0.0 www.lkwueir.cn
O1 - Hosts: 127.0.1.1 user1.23-17.net
O1 - Hosts: 127.0.0.0 upa.luzhiai.net
O1 - Hosts: 127.0.0.0 www.guccia.net
O1 - Hosts: 127.0.0.0 4m9mnlmi.cn
O1 - Hosts: 127.0.0.0 mm119mkssd.cn
O1 - Hosts: 127.0.0.0 61.128.171.115:8080
O1 - Hosts: 127.0.0.0 ½¨ÉèÖÐ
O1 - Hosts: 127.0.0.0 win.nihao69.cn
O1 - Hosts: 127.0.0.0 puc.lianxiac.net
O1 - Hosts: 127.0.0.0 pud.lianxiac.net
O1 - Hosts: 127.0.0.0 210.76.0.133
O1 - Hosts: 127.0.0.0 61.166.32.2
O1 - Hosts: 127.0.0.0 218.92.186.27
O1 - Hosts: 127.0.0.0 www.fsfsfag.cn
O1 - Hosts: 127.0.0.0 ovo.ovovov.cn
O1 - Hosts: 127.0.0.0 dw.com.com
O1 - Hosts: 127.0.0.0 t.myblank.cn
O1 - Hosts: 127.0.0.0 x.myblank.cn
O1 - Hosts: 127.0.0.0 qq-xing.com.cn
O1 - Hosts: 127.0.0.0 59.125.231.177:17777
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: msvbcr40 Class - {2756BAD7-2F9F-47ef-AE6D-8D39CCEB396F} - C:\WINDOWS\system32\msvbcr40.dll
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7D182ECE-BFD3-4482-902F-035F4CE9A3C4} - C:\Program Files\Internet Explorer\ftsKetNt.7ps
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Skype Control Class - {9018F6A8-2495-45DF-9F16-C738F8F3C8FF} - C:\WINDOWS\system32\SkypeComm.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {EF8EFC85-0038-479B-BB0E-B0A52A15CECA} - C:\Program Files\Internet Explorer\SysKetNt.Sys
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HBService32] System.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKLM\..\Policies\Explorer\Run: [nwiz] alien32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Alcatel Speedtouch Connection (2).lnk = C:\Program Files\Alcatel\SpeedTouch USB\STDialUp.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Nguyen\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://liezj1987.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{465DA6C4-6D5C-4F0D-8DE4-5D48525FABFB}: NameServer = 195.238.2.21 195.238.2.22
O20 - AppInit_DLLs: HBmhly.dllHBXY2.dllHBJXSJ.dllHBSHQ.dllHBWULIN2.dllHBW2I.dllHBKDXY.dllHBASKTAO.dllHBZHUXIAN.dllHBWOW.dllHBCHIBI.dllHBTW2.dllHBWD.dllHBZG.dllHBXMJ.dllDDEE51F5.dll4FC21891.dll,6EDCDE33.dll,F75F0F2C.dll,F232B3DD.dll,EC9630EB.dll,7243154B.dll,F2FC9D59.dll,159618C4.dll,C8A53922.dll,E0ACEE5E.dll,E2993CD3.dll,5C6D2558.dll,31A3B66D.dll,F3A1DFD5.dll,FE8B1EDD.dll,47CF8F38.dll,E63F51B7.dll,FC192B38.dll,7E4296D6.dll,C60CBF1A.dll,7044AB41.dll,B0CD19AD.dll,A47298E3.dll,139B8D72.dll
O21 - SSODL: DDEE51F5 - {DDEE51F5-94F8-417E-8482-2B089CE2F732} - C:\WINDOWS\system32\DDEE51F5.dll
O21 - SSODL: 4FC21891 - {4FC21891-B9B6-422A-ADDF-C68333FD4B0B} - C:\WINDOWS\system32\4FC21891.dll
O21 - SSODL: 6EDCDE33 - {6EDCDE33-671C-4E16-8BE1-6CAAEAC1F7B0} - C:\WINDOWS\system32\6EDCDE33.dll
O21 - SSODL: F75F0F2C - {F75F0F2C-3915-42C5-A2B0-DC67D5E1F002} - C:\WINDOWS\system32\F75F0F2C.dll
O21 - SSODL: F232B3DD - {F232B3DD-3A70-4517-8C9F-1D857FA5BD50} - C:\WINDOWS\system32\F232B3DD.dll
O21 - SSODL: EC9630EB - {EC9630EB-C001-42E3-AE10-2F3B6D087230} - C:\WINDOWS\system32\EC9630EB.dll
O21 - SSODL: 7243154B - {7243154B-6CE8-434D-BD99-961302942DA1} - C:\WINDOWS\system32\7243154B.dll
O21 - SSODL: F2FC9D59 - {F2FC9D59-7D13-48EC-A146-DE7BE915F89A} - C:\WINDOWS\system32\F2FC9D59.dll
O21 - SSODL: 159618C4 - {159618C4-D230-4E8C-A7B4-C1FBA3A83A9B} - C:\WINDOWS\system32\159618C4.dll
O21 - SSODL: C8A53922 - {C8A53922-BE24-4621-B77A-8D97C371B543} - C:\WINDOWS\system32\C8A53922.dll
O21 - SSODL: E0ACEE5E - {E0ACEE5E-4850-4ABF-AF5C-44710093FC26} - C:\WINDOWS\system32\E0ACEE5E.dll
O21 - SSODL: E2993CD3 - {E2993CD3-6506-4842-A390-97D4D8A08BF2} - C:\W”ý (file missing)
O21 - SSODL: 5C6D2558 - {5C6D2558-CBF7-4762-903E-BF786CE993CF} - C:\WINDOWS\system32\5C6D2558.dll
O21 - SSODL: 31A3B66D - {31A3B66D-C0CC-4122-A105-8F51F5EDB4DC} - C:\WINDOWS\system32\31A3B66D.dll
O21 - SSODL: F3A1DFD5 - {F3A1DFD5-8362-4B60-991F-DB612A12C447} - C:\WINDOWS\system32\F3A1DFD5.dll
O21 - SSODL: FE8B1EDD - {FE8B1EDD-9A68-49D4-A010-A10195EDADDF} - C:\WINDOWS\system32\FE8B1EDD.dll
O21 - SSODL: 47CF8F38 - {47CF8F38-19EA-4CE9-AC96-980AD2A97620} - C:\WINDOWS\system32\47CF8F38.dll
O21 - SSODL: E63F51B7 - {E63F51B7-0064-4D6C-A71B-507B64192E01} - C:\WINDOWS\system32\E63F51B7.dll
O21 - SSODL: FC192B38 - {FC192B38-9F74-4871-86E6-DFBD508A4D2D} - C:\WINDOWS\system32\FC192B38.dll
O21 - SSODL: 7E4296D6 - {7E4296D6-9A8C-4125-8CD0-84B7E5DD59E6} - C:\WINDOWS\system32\7E4296D6.dll
O21 - SSODL: C60CBF1A - {C60CBF1A-FAED-4E01-A38B-D13D398BF38E} - C:\WINDOWS\system32\C60CBF1A.dll
O21 - SSODL: 7044AB41 - {7044AB41-F524-416D-99F8-C8F1B1BA6833} - C:\WINDOWS\system32\7044AB41.dll
O21 - SSODL: B0CD19AD - {B0CD19AD-924D-4348-B9E6-18745AA6D8C9} - C:\WINDOWS\system32\B0CD19AD.dll
O21 - SSODL: A47298E3 - {A47298E3-8A65-497B-B802-8A53A93492E9} - C:\WINDOWS\system32\A47298E3.dll
O21 - SSODL: 139B8D72 - {139B8D72-13F4-46EB-8B13-E5C80E22F43D} - C:\WINDOWS\system32\139B8D72.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 13040 bytes
