PDA

Volledige versie bekijken : Mijn log



Datadev
27 januari 2007, 14:28
Logfile of HijackThis v1.99.1
Scan saved at 14:25:20, on 26/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
K:\WINDOWS\System32\smss.exe
K:\WINDOWS\system32\winlogon.exe
K:\WINDOWS\system32\services.exe
K:\WINDOWS\system32\lsass.exe
K:\WINDOWS\system32\Ati2evxx.exe
K:\WINDOWS\system32\svchost.exe
K:\WINDOWS\System32\svchost.exe
K:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
K:\WINDOWS\system32\Ati2evxx.exe
K:\WINDOWS\system32\spoolsv.exe
K:\WINDOWS\Explorer.EXE
K:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
K:\Program Files\ATI Technologies\ATI.ACE\cli.exe
K:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
K:\WINDOWS\SkyTel.EXE
K:\WINDOWS\RTHDCPL.EXE
K:\Program Files\DAEMON Tools\daemon.exe
K:\Program Files\AGEIA Technologies\TrayIcon.exe
K:\WINDOWS\ALCFDRTM.EXE
K:\WINDOWS\system32\ctfmon.exe
K:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
K:\Program Files\TGTSoft\StyleXP\StyleXP.exe
K:\Program Files\Logitech\SetPoint\KEM.exe
K:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVI C~1.EXE
K:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
K:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
K:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
K:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
K:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
K:\WINDOWS\System32\svchost.exe
K:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
K:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsrw.exe
K:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
K:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
K:\PROGRA~1\TELENE~1\ANTI-S~1\fsaw.exe
K:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
K:\Program Files\ATI Technologies\ATI.ACE\cli.exe
K:\Program Files\ATI Technologies\ATI.ACE\cli.exe
K:\Program Files\Mozilla Firefox\firefox.exe
K:\Documents and Settings\Exist\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - K:\Program Files\FlashGet\jccatch.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - K:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - K:\Program Files\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] K:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "K:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [F-Secure Manager] "K:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "K:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "K:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "K:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] K:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [AlcFDMonitor] K:\WINDOWS\ALCFDRTM.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] K:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] K:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [STYLEXP] K:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Skype] "K:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Reader Speed Launch.lnk = K:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = K:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = K:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Telenet Internet Security Pack.lnk = K:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
O8 - Extra context menu item: &Deze pop-up blokkeren - K:\Program Files\Telenet Internet Security Pack\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Download All with FlashGet - K:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - K:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://K:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - K:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - K:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - K:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - K:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - K:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - K:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - K:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - K:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - K:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - K:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167328875021
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - K:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - K:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - K:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - K:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - K:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - K:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - K:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - BackWeb Technologies Inc. - K:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVI C~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - K:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
O23 - Service: StyleXPService - Unknown owner - K:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Jurgenv1
27 januari 2007, 14:34
Je Java software is verouderd.
Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:

Download Java Runtime Environment (JRE) 6.0 (http://java.sun.com/javase/downloads/index.jsp).
Scroll omlaag naar : "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Klik op de "Download" knop aan de rechterkant.
Vink aan: "Accept License Agreement".
De pagina zal herladen.
Klik op de link om Windows Offline Installation te downloaden met Meerdere-talen, en bewaar het naar je Bureaublad.
Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-6-windows-i586.exe op je Bureaublad om de nieuwste versie van Java te installeren.

* Als je logitech desktop messenger niet echt gebruikt, dan raad ik je aan die te de-installeren omdat dit onnodig je systeem vertraagd, het zoekt namelijk naar updates voor je logitech producten terwijl dit perfect handmatig kan zonder zo te vertragen.

* Post dan een nieuw hijackthis logje hier.

Datadev
27 januari 2007, 15:49
Logfile of HijackThis v1.99.1
Scan saved at 15:48:21, on 26/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
K:\WINDOWS\System32\smss.exe
K:\WINDOWS\system32\winlogon.exe
K:\WINDOWS\system32\services.exe
K:\WINDOWS\system32\lsass.exe
K:\WINDOWS\system32\Ati2evxx.exe
K:\WINDOWS\system32\svchost.exe
K:\WINDOWS\System32\svchost.exe
K:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
K:\WINDOWS\system32\Ati2evxx.exe
K:\WINDOWS\system32\spoolsv.exe
K:\WINDOWS\Explorer.EXE
K:\Program Files\ATI Technologies\ATI.ACE\cli.exe
K:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
K:\WINDOWS\SkyTel.EXE
K:\WINDOWS\RTHDCPL.EXE
K:\Program Files\DAEMON Tools\daemon.exe
K:\Program Files\AGEIA Technologies\TrayIcon.exe
K:\WINDOWS\ALCFDRTM.EXE
K:\WINDOWS\system32\ctfmon.exe
K:\Program Files\TGTSoft\StyleXP\StyleXP.exe
K:\Program Files\Skype\Phone\Skype.exe
K:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
K:\Program Files\Logitech\SetPoint\KEM.exe
K:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVI C~1.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
K:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
K:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
K:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
K:\WINDOWS\System32\svchost.exe
K:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
K:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
K:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsrw.exe
K:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
K:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
K:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
K:\PROGRA~1\TELENE~1\ANTI-S~1\fsaw.exe
K:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
K:\WINDOWS\System32\wbem\wmiapsrv.exe
K:\Program Files\ATI Technologies\ATI.ACE\cli.exe
K:\Program Files\ATI Technologies\ATI.ACE\cli.exe
K:\Program Files\Skype\Plugin Manager\SkypePM.exe
K:\WINDOWS\system32\msiexec.exe
K:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D8 9676CA6F8\LieDetector.exe
K:\WINDOWS\system32\wuauclt.exe
K:\Documents and Settings\Exist\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - K:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - K:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - K:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - K:\Program Files\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [ATICCC] "K:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [F-Secure Manager] "K:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "K:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "K:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "K:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] K:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [AlcFDMonitor] K:\WINDOWS\ALCFDRTM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "K:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] K:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] K:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Skype] "K:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Reader Speed Launch.lnk = K:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = K:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Telenet Internet Security Pack.lnk = K:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
O8 - Extra context menu item: &Deze pop-up blokkeren - K:\Program Files\Telenet Internet Security Pack\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Download All with FlashGet - K:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - K:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://K:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - K:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - K:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - K:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - K:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - K:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - K:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - K:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - K:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - K:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - K:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167328875021
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - K:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - K:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - K:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - K:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - K:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - K:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - K:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - BackWeb Technologies Inc. - K:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVI C~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - K:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - K:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
O23 - Service: StyleXPService - Unknown owner - K:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Jurgenv1
27 januari 2007, 16:06
* Open hijackthis en vink volgende regel aan:

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

* Sluit dan alle vensters behalve hijackthis en klik op 'fix checked'

* Voor de rest ziet het er goed uit. :)

Datadev
27 januari 2007, 16:18
Ok, bedankt Jurgen

Jurgenv1
27 januari 2007, 16:32
Graag gedaan.