MHTMLRedir.Exploit

• 

  Charles

  29-10-2005 09:12

  Goedemorgen,

  Gisteren bij het openen van bericht van “Bertold 28-10 18:19” kreeg ik een waarschuwing van Norton AV over het virus MHTMLRedir.Exploit, daarna mijn pc met Norton, Spybot, Ad-Aware, CWshredder en ewido security gescand, en niets gevonden en ook mijn pc werkt prima. Kan ik er nu van uitgaan dat mijn pc door dat bericht geen besmetting heeft opgelopen?

  Bij voorbaat dank voor uw reactie,

  Charles

  Rapporteren
• 

  Zorba

  29-10-2005 09:22

  Als je zeker wilt gaan plaats dan even een logfile (zie rode link boven aan deze pagina)

  Hans

  Rapporteren
• 

  Charles

  29-10-2005 09:28

  Bedankt, ga het vanmiddag doen, heb nu geen tijd meer.

  mvg, Charles

  Rapporteren
• 

  Erik

  29-10-2005 10:02

  Daar mag je inderdaad vanuit gaan :-)

  Het is nl slechts een stukje test waar je virusscanner overgevoelig voor is, dit stukje text:

  O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!

  Rapporteren
• 

  Charles

  29-10-2005 12:12

  Goedemiddag,

  In veilige modus gescand met Norton en de rest van de stappen uitgevoerd en als extra gescand mLogfile of HijackThis v1.99.1

  Scan saved at 12:03:00, on 29-10-2005

  Platform: Windows XP SP2 (WinNT 5.01.2600)

  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:

  C:\WINDOWS\System32\smss.exe

  C:\WINDOWS\system32\winlogon.exe

  C:\WINDOWS\system32\services.exe

  C:\WINDOWS\system32\lsass.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\Program Files\Ahead\InCD\InCDsrv.exe

  C:\WINDOWS\system32\spoolsv.exe

  C:\WINDOWS\Explorer.EXE

  C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

  C:\WINDOWS\system32\igfxtray.exe

  C:\WINDOWS\system32\hkcmd.exe

  C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

  C:\Program Files\Logitech\ImageStudio\LogiTray.exe

  C:\Program Files\Logitech\Video\LogiTray.exe

  C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe

  C:\Program Files\Ahead\InCD\InCD.exe

  C:\Program Files\Messenger Plus! 3\MsgPlus.exe

  C:\Program Files\Nuria\Nuria.exe

  C:\PROGRA~1\Support.com\bin\tgcmd.exe

  C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

  C:\WINDOWS\system32\WDBtnMgr.exe

  C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

  C:\Program Files\Common Files\Symantec Shared\ccApp.exe

  C:\WINDOWS\system32\wfxsnt40.exe

  C:\WINDOWS\system32\igfxpers.exe

  C:\Program Files\Skype\Phone\Skype.exe

  C:\Program Files\Logitech\MouseWare\system\em_exec.exe

  C:\Program Files\Symantec\WinFax\WFXCTL32.EXE

  C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

  C:\Program Files\InterVideo\WinDVD4PR\WinScheduler.exe

  C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

  C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe

  C:\Program Files\ewido\security suite\ewidoctrl.exe

  C:\Program Files\ewido\security suite\ewidoguard.exe

  C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe

  C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

  C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe

  C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE

  C:\Program Files\Dantz\Retrospect\retrorun.exe

  C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

  C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

  C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

  C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

  C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE

  C:\WINDOWS\System32\svchost.exe

  C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

  C:\WINDOWS\system32\WFXSVC.EXE

  C:\Program Files\Symantec\WinFax\WFXMOD32.EXE

  C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

  C:\WINDOWS\system32\wuauclt.exe

  C:\Program Files\Outlook Express\msimn.exe

  C:\Program Files\XstreamRadio\XstreamRadio.exe

  C:\Program Files\Wisdom-soft ScreenHunter Free\ScreenHunter.exe

  C:\Program Files\MSN Messenger\msnmsgr.exe

  C:\Program Files\Internet Explorer\iexplore.exe

  C:\Documents and Settings\xxxx\Mijn documenten\hijackthis.exe

  C:\Program Files\Messenger\msmsgs.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

  O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)

  O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

  O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

  O4 - HKLM\..\Run: C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

  O4 - HKLM\..\Run: C:\WINDOWS\system32\igfxtray.exe

  O4 - HKLM\..\Run: C:\WINDOWS\system32\hkcmd.exe

  O4 - HKLM\..\Run: C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

  O4 - HKLM\..\Run: C:\Program Files\Logitech\ImageStudio\ISStart.exe

  O4 - HKLM\..\Run: C:\Program Files\Logitech\ImageStudio\LogiTray.exe

  O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\ISStart.exe

  O4 - HKLM\..\Run: C:\Program Files\Logitech\Video\LogiTray.exe

  O4 - HKLM\..\Run: C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe

  O4 - HKLM\..\Run: C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hpppta.exe /ICON

  O4 - HKLM\..\Run: C:\WINDOWS\system32\NeroCheck.exe

  O4 - HKLM\..\Run: C:\Program Files\Ahead\InCD\InCD.exe

  O4 - HKLM\..\Run: “C:\Program Files\Messenger Plus! 3\MsgPlus.exe”

  O4 - HKLM\..\Run: C:\Program Files\Nuria\Nuria.exe

  O4 - HKLM\..\Run: “C:\PROGRA~1\Support.com\bin\tgcmd.exe” /server /startmonitor /deaf

  O4 - HKLM\..\Run: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

  O4 - HKLM\..\Run: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

  O4 - HKLM\..\Run: Logi_MwX.Exe

  O4 - HKLM\..\Run: WDBtnMgr.exe

  O4 - HKLM\..\Run: C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”

  O4 - HKLM\..\Run: wfxsnt40.exe

  O4 - HKLM\..\Run: C:\WINDOWS\system32\igfxpers.exe

  O4 - HKCU\..\Run: “C:\Program Files\Ahead\Nero BackItUp\NBJ.exe”

  O4 - HKCU\..\Run: “C:\Program Files\Norton SystemWorks\cfgwiz.exe” /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz

  O4 - HKCU\..\Run: \Program\

  O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

  O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

  O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

  O4 - Global Startup: Controller.LNK = C:\Program Files\Symantec\WinFax\WFXCTL32.EXE

  O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

  O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVD4PR\WinScheduler.exe

  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

  O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe

  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

  O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

  O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

  O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

  O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

  O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

  O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\mscoree.DLL

  O9 - Extra ‘Tools’ menuitem: Tri&xie Options… - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\system32\mscoree.DLL

  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

  O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409

  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab

  O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (Installer Class) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB

  O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by19fd.bay19.hotmail.msn.com/resources/MsnPUpld.cab

  O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/165fdb2f9f82f7874915/netzip/RdxIE601.cab

  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab

  O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/nl/win/QuickTimeFullInstaller.exe

  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120020795875

  O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab

  O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://82.151.35.244:1024//activex/AMC.cab

  O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab

  O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

  O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

  O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab

  O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

  O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (clsDefault Class) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB

  O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup144.cab

  O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4410/mcfscan.cab

  O18 - Protocol: bw+0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw+0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw-0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw-0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw00 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw00s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw10 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw10s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw20 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw20s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw30 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw30s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw40 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw40s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw50 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw50s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw60 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw60s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw70 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw70s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw80 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw80s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw90 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bw90s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwa0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwa0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwb0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwb0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwc0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwc0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwd0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwd0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwe0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwe0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwf0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwf0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

  O18 - Protocol: bwg0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwg0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwh0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwh0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwi0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwi0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwj0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwj0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwk0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwk0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwl0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwl0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwm0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwm0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwn0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwn0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwo0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwo0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwp0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwp0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwq0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwq0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwr0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwr0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bws0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bws0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwt0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwt0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwu0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwu0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwv0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwv0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bww0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bww0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwx0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwx0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwy0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwy0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwz0 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: bwz0s - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - “C:\PROGRA~1\MSNMES~1\msgrapp.dll” (file missing)

  O18 - Protocol: offline-8876480 - {84D68539-462F-4BB3-92F5-E9385F7D5D10} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

  O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

  O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

  O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

  O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe

  O23 - Service: GBPoll - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe

  O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

  O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

  O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe

  O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE

  O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe

  O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

  O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe

  O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

  O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

  O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

  O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

  O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE

  O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

  O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

  O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

  et Ewido Security, allen niets gevonden………..Hierbij mijn logje

  Rapporteren
• 

  Charles

  29-10-2005 12:32

  Bedankt Erik, hele geruststelling, maar voor zekerheid heb ik hierboven een logje geplaatst, misschien kan dat na gekeken worden.

  Groet,

  Charles

  Rapporteren
• 

  Astrid

  29-10-2005 13:17

  Ik krijg ook die melding van me virus scanner (Norton).

  Zal idd wel niks wezen, heb dat wel vaker gehad op deze prik schijnt een zenuwachtige reactie te wezen op een gedeelte van de code/cijfers.

  Assie

  Rapporteren