Vraag & Antwoord

Beveiliging & privacy

probleem: asappsrv.dll (hijackthis log)

8 antwoorden
  • Hello, Ik heb sinds vanochtend zeer traag internet en bureaublad weergeven is ook bijzonder traag. Even na het opstarten van de pc gaf mcaffee een melding van "asappsrv.dll" en hij kan dit niet verwijderen. Heb al verschillende programma's laten lopen maar geen die dit verwijderd. Weet er iemand hoe ik het (asappsrv.dll) kan verwijderen of fixen? Ik ben ondertussen ook bezig met het zoeken achter een oplossing voor "command service" dat spybot altijd blijft geven en maar niet kan verwijderen, mss dat jullie in dit logje ook een oplossing hiervoor kunnen vinden? Dank bij voorbaat Logfile of HijackThis v1.99.1 Scan saved at 14:32:55, on 22/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe c:\PROGRA~1\mcafee.com\vso\OasClnt.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\Explorer.EXE c:\program files\mcafee.com\vso\mcvsshld.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\WINDOWS\System32\alg.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe D:\logitech\iTouch\iTouch.exe D:\daemon\daemon.exe D:\logitech\MouseWare\system\em_exec.exe D:\quicktime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\d-link\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Skype\Phone\Skype.exe D:\HP\Digital Imaging\bin\hpohmr08.exe D:\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe D:\HP\Digital Imaging\bin\hpoevm08.exe D:\HP\Digital Imaging\Bin\hpoSTS08.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\WINDOWS\system32\svchost.exe D:\counterspy\sunThreatEngine.exe D:\counterspy\SunProtectionServer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\McAfee.com\Agent\mcagent.exe D:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe O4 - HKLM\..\RunOnce: [eISS_cleanup] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cacu_001.exe" /cleanup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: Run - C:\WINDOWS\system32\cLbview.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • Start HJT en doe een systemscan only en vink onderstaande regels aan en klik op fix checked. [b:bd02fd5745]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart[/b:bd02fd5745] Verwijder via verkenner onderstaand bestand.(dikgedrukt) C:\Program Files\[b:bd02fd5745]SpyBro\SpyBro.exe" /autostart[/b:bd02fd5745] Wil je onderstaand bestand uploaden bij jotti aub. http://virusscan.jotti.org/ C:\WINDOWS\system32\[b:bd02fd5745]cLbview.dll[/b:bd02fd5745] Voer eens een online virusscan uit bij [url="http://www.pandasoftware.com/products/activescan.htm"][b:bd02fd5745]Panda[/b:bd02fd5745][/url]. Klik op[b:bd02fd5745]"scan your PC"[/b:bd02fd5745] Er opent een nieuw venster Klik op [b:bd02fd5745]"check now"[/b:bd02fd5745] Er opent een nieuw venster. Vul daar je land in en een geldig e-mail adres. Klik dan op [b:bd02fd5745]"scan now"[/b:bd02fd5745] [i:bd02fd5745]Als je Panda nog nooit hebt gebruikt, wordt er een [b:bd02fd5745]Active X[/b:bd02fd5745] element gedownload, geef hier toestemming voor door op [b:bd02fd5745]"install"[/b:bd02fd5745] te drukken.[/i:bd02fd5745] Je ziet dan in beeld [b:bd02fd5745]"Select a device to scan..." [/b:bd02fd5745] kies voor [b:bd02fd5745]"My Computer"[/b:bd02fd5745] De computer wordt nu gescand (dit duurt wel even). Als de scan klaar is Klik op [b:bd02fd5745]"See report" [/b:bd02fd5745]en dan op [b:bd02fd5745]"save report"[/b:bd02fd5745] Open het tekstbestand en selecteer de gehele tekst. Kies [b:bd02fd5745]"kopieren"[/b:bd02fd5745] en post het hier in je antwoord. Dus in volgende post. 1 : Het jotti antwoord 2 : Het panda logje 3 : een nieuw HJT logje ter controle. Succes
  • oke, Ik heb ongeveer gedaan wat je me hebt gezegd. dit is ten eerste de log van de panda scan: Incident Status Location Adware:Adware/Look2Me Not disinfected C:\WINDOWS\system32\cLbview.dll Adware:adware/dollarrevenue Not disinfected c:\windows\keyboard121.dat Adware:adware/look2me Not disinfected Windows Registry Adware:adware/commad Not disinfected Windows Registry Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.stat.onestat.com/] Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[stat.onestat.com/] Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.stat.onestat.com/] Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.as-eu.falkag.net/] Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.hitbox.com/] Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.atdmt.com/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.bfast.com/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.advertising.com/] Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.adtech.de/] Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.clickbank.net/] Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@metriweb[1].txt Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@stat.onestat[2].txt Adware:Adware/SaveNow Not disinfected C:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUSave_Installer.exe Adware:Adware/Yazzle Not disinfected C:\SnowballWarsInstaller.exe Dialer:Dialer.Gen Not disinfected D:\scansoft\ScanSoft PaperPort Pro Office 9.0\Other\PagisConverter\ENGLISH\data1.cab[convproc.exe] Adware:Adware/Bitamobar Not disinfected E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar[call.of.duty.2.multiplayer.private.server.1.0.patch-icu.zip][crack-inf.exe][autoupdatev2.exe] Adware:Adware/Bitamobar Not disinfected E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar[Call_of_Duty_PLUS_2_TRAINER-PiZZADOX.ZIP][crack-inf.exe][autoupdatev2.exe] Spyware:Cookie/Atlas DMT Not disinfected F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@atdmt[2].txt Spyware:Cookie/Doubleclick Not disinfected F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@doubleclick[1].txt Spyware:Cookie/MetriWeb Not disinfected F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@metriweb[1].txt Spyware:Cookie/YieldManager Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[2].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@ADY~2.TXT] Spyware:Cookie/Belnk Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@belnk[1].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@BEL~1.TXT] Spyware:Cookie/Belnk Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@dist.belnk[2].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@DIS~2.TXT] Spyware:Cookie/Doubleclick Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@doubleclick[1].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@DOU~1.TXT] Spyware:Cookie/MetriWeb Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@metriweb[1].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@MET~1.TXT] als 2de heb is dit de lijst van jotti: eerste kader AntiVir Found Adware-Spyware/Look2Me.ab adware ArcaVir Found Adware.Looktome.Ab Avast Found Win32:Adware-gen. AVG Antivirus Found Generic.FWR BitDefender Found Trojan.Candebe.CZ ClamAV Found Adware.Lookme-26 Dr.Web Found Adware.Look2me F-Prot Antivirus Found security risk or a "backdoor" program Fortinet Found Adware/Look2me Kaspersky Anti-Virus Found not-a-virus:AdWare.Win32.Look2Me.ab NOD32 Found Win32/Adware.Look2Me application Norman Virus Control Found W32/Look2Me.DE UNA Found nothing VirusBuster Found Trojan.PolyAgent.A VBA32 Found AdWare.Look2Me.ab 2de kader: AntiVir Trojan/PSW.LdPinch.jm1 ArcaVir X Avast X AVG Antivirus Dropper.Small.27.AC BitDefender Trojan.Dropper.Joiner.AJ ClamAV X Dr.Web Trojan.MulDrop.1161 F-Prot Antivirus X Fortinet W32/Joiner.AJ!tr Kaspersky Anti-Virus Constructor.Win32.MicroJoiner.17 NOD32 X Norman Virus Control X UNA X VirusBuster X VBA32 TrojanDropper.Win32.Joiner.aj en dan tenslotte het nieuwe hjt logje: Logfile of HijackThis v1.99.1 Scan saved at 19:50:38, on 23/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe c:\PROGRA~1\mcafee.com\vso\OasClnt.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE c:\program files\mcafee.com\vso\mcvsshld.exe C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe D:\logitech\iTouch\iTouch.exe D:\d-link\AirGCFG.exe D:\logitech\MouseWare\system\em_exec.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe D:\HP\Digital Imaging\bin\hpohmr08.exe D:\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe D:\HP\Digital Imaging\bin\hpoevm08.exe D:\HP\Digital Imaging\Bin\hpoSTS08.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee.com\Agent\mcagent.exe E:\games\hl2\Steam.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE c:\program files\mcafee.com\vso\mcmnhdlr.exe c:\program files\mcafee.com\shared\mghtml.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: Run - C:\WINDOWS\system32\cLbview.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe [/url]
  • Heel wat wijzer nu. * [u:e5c1fac68f]Clean de Cache and Cookies in [color=blue:e5c1fac68f]IE[/color:e5c1fac68f][/u:e5c1fac68f]:[list:e5c1fac68f][*:e5c1fac68f][b:e5c1fac68f]Sluit[/b:e5c1fac68f] Internet Explorer. [*:e5c1fac68f]Ga naar Configuratiescherm > Internet Opties > tab Algemeen [*:e5c1fac68f]Klik de [b:e5c1fac68f]Cookies verwijderen[/b:e5c1fac68f] knop [*:e5c1fac68f]Klik op de [b:e5c1fac68f]Bestanden verwijderen[/b:e5c1fac68f] knop ernaast [*:e5c1fac68f][b:e5c1fac68f]Vink aan[/b:e5c1fac68f]: Ook alle off line items verwijderen, klik OK[/list:u:e5c1fac68f]* [u:e5c1fac68f]Clean de Cache and Cookies in [color=blue:e5c1fac68f]Firefox[/color:e5c1fac68f][/u:e5c1fac68f] (In geval Firefox geïnstalleerd is):[list:e5c1fac68f][*:e5c1fac68f]Go to Extra > Opties. [*:e5c1fac68f]Klik [b:e5c1fac68f]Privacy[/b:e5c1fac68f] in het menu. [*:e5c1fac68f]Klik op de knop [b:e5c1fac68f]Wissen[/b:e5c1fac68f] (Geschiedenis, Cookies, Cache). [*:e5c1fac68f]Klik OK om het venster opnieuw te sluiten.[/list:u:e5c1fac68f] * [u:e5c1fac68f]Clean [color=blue:e5c1fac68f]andere Temporary files + Prullenbak[/color:e5c1fac68f][/u:e5c1fac68f][list:e5c1fac68f][*:e5c1fac68f]Ga naar Start > Uitvoeren en typ: [b:e5c1fac68f]cleanmgr[/b:e5c1fac68f] en klik ok. [*:e5c1fac68f]Laat het je systeem scannen op bestanden die moeten verwijderd worden [*:e5c1fac68f]Zorg er wel voor dat je daar [b:e5c1fac68f]enkel[/b:e5c1fac68f] maar 'tijdelijke bestanden', 'tijdelijke internetbestanden' en 'prullenbak' staan aangevinkt. [*:e5c1fac68f]Klik daarna op OK.[/list:u:e5c1fac68f] Download [url=http://www.atribune.org/ccount/click.php?id=7][b:e5c1fac68f][color=red:e5c1fac68f]Look2Me-Destroyer.exe [/color:e5c1fac68f][/b:e5c1fac68f][/url] naar je Bureaublad. [list:e5c1fac68f] * Sluit alle open vensters. * Dubbelklik [b:e5c1fac68f]Look2Me-Destroyer.exe[/b:e5c1fac68f] om het te starten. * Zet een vinkje naast [b:e5c1fac68f]Run this program as a task[/b:e5c1fac68f]. * Je zal een melding krijgen met: 'Look2Me-Destroyer will close and re-open in approximately 1 minute'. Klik [b:e5c1fac68f]OK[/b:e5c1fac68f]. * Wanneer Look2Me-Remover opnieuw opent, Klik de [b:e5c1fac68f]Scan for L2M[/b:e5c1fac68f] knop. * Je bureaublad icoontjes en taakbalk zullen verdwijnen, dit is normaal. * Eénmaal gedaan met scannen, klik de [b:e5c1fac68f]Remove L2M[/b:e5c1fac68f] knop. * Je zal de boodschap [b:e5c1fac68f]Done Scanning[/b:e5c1fac68f] krijgen, klik [b:e5c1fac68f]OK[/b:e5c1fac68f]. * Nadien zal je volgende melding krijgen: [b:e5c1fac68f]Done removing infected files! Look2Me-Destroyer will now shutdown your computer[/b:e5c1fac68f], klik [b:e5c1fac68f]OK[/b:e5c1fac68f]. * Je computer zal dan afsluiten. * Start je computer opnieuw op. * [color=green:e5c1fac68f]Post de inhoud van [b:e5c1fac68f]C:\Look2Me-Destroyer.txt[/b:e5c1fac68f] samen met een nieuw hijackthislogje.[/color:e5c1fac68f][/list:u:e5c1fac68f] Indien je een alert krijgt van je firewall dat dit programma probeert toegang te krijgen met het internet, sta het toe en blokkeer het niet! Indien je een [b:e5c1fac68f]runtime error '339'[/b:e5c1fac68f] krijgt, download [b:e5c1fac68f]MSWINSCK.OCX[/b:e5c1fac68f] via onderstaande link en plaats het in je C:\Windows\System32 map. [url]http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX[/url]
  • heb gedaan wat je hebt gezegd Look2Me-Destroyer logje: Look2Me-Destroyer V1.0.12 Scanning for infected files..... Scan started at 24/06/2006 0:30:06 Infected! C:\WINDOWS\system32\cLbview.dll Infected! C:\WINDOWS\system32\cLbview.dll Attempting to delete infected files... Attempting to delete: C:\WINDOWS\system32\cLbview.dll C:\WINDOWS\system32\cLbview.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\cLbview.dll C:\WINDOWS\system32\cLbview.dll Deleted successfully! Making registry repairs. Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Run Restoring Windows certificates. Replaced hosts file with default windows hosts file Restoring SeDebugPrivilege for Administrators - Succeeded nieuw hjt logje: Logfile of HijackThis v1.99.1 Scan saved at 0:38:44, on 24/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe c:\PROGRA~1\mcafee.com\vso\OasClnt.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe c:\program files\mcafee.com\vso\mcvsshld.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe D:\logitech\iTouch\iTouch.exe D:\d-link\AirGCFG.exe D:\logitech\MouseWare\system\em_exec.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Skype\Phone\Skype.exe D:\HP\Digital Imaging\bin\hpohmr08.exe D:\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe D:\HP\Digital Imaging\bin\hpoevm08.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe D:\HP\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • Hoeveel virusscanners heb je nu draaien, volgens mij zie ik macfee en NOD32 klopt dat. Als NOD32 onderdeel is van HITman :cry: zou ik die IIG uitzetten of liever helemaal verwijderen(samen met HMP maar dat is persoonlijk) Ik zie op dit moment geen rare dingen meer in je logje maar ik wil je toch nog even onderstaande aanbieden. * [u:c487205c05]Clean de Cache and Cookies in [color=blue:c487205c05]IE[/color:c487205c05][/u:c487205c05]:[list:c487205c05][*:c487205c05][b:c487205c05]Sluit[/b:c487205c05] Internet Explorer. [*:c487205c05]Ga naar Configuratiescherm > Internet Opties > tab Algemeen [*:c487205c05]Klik de [b:c487205c05]Cookies verwijderen[/b:c487205c05] knop [*:c487205c05]Klik op de [b:c487205c05]Bestanden verwijderen[/b:c487205c05] knop ernaast [*:c487205c05][b:c487205c05]Vink aan[/b:c487205c05]: Ook alle off line items verwijderen, klik OK[/list:u:c487205c05]* [u:c487205c05]Clean de Cache and Cookies in [color=blue:c487205c05]Firefox[/color:c487205c05][/u:c487205c05] (In geval Firefox geïnstalleerd is):[list:c487205c05][*:c487205c05]Go to Extra > Opties. [*:c487205c05]Klik [b:c487205c05]Privacy[/b:c487205c05] in het menu. [*:c487205c05]Klik op de knop [b:c487205c05]Wissen[/b:c487205c05] (Geschiedenis, Cookies, Cache). [*:c487205c05]Klik OK om het venster opnieuw te sluiten.[/list:u:c487205c05] * [u:c487205c05]Clean [color=blue:c487205c05]andere Temporary files + Prullenbak[/color:c487205c05][/u:c487205c05][list:c487205c05][*:c487205c05]Ga naar Start > Uitvoeren en typ: [b:c487205c05]cleanmgr[/b:c487205c05] en klik ok. [*:c487205c05]Laat het je systeem scannen op bestanden die moeten verwijderd worden [*:c487205c05]Zorg er wel voor dat je daar [b:c487205c05]enkel[/b:c487205c05] maar 'tijdelijke bestanden', 'tijdelijke internetbestanden' en 'prullenbak' staan aangevinkt. [*:c487205c05]Klik daarna op OK.[/list:u:c487205c05] Download en installeer [url=http://www.ewido.net/en/download/][color=blue:c487205c05][b:c487205c05]Ewido Anti-Spyware 4.0[/b:c487205c05][/color:c487205c05][/url].[list:c487205c05] Na de installatie, open Ewido Anti-Spyware 4.0: * onder "[b:c487205c05]Status[/b:c487205c05]", klik op [b:c487205c05]Change state[/b:c487205c05] naast "Resident shield". * onder "[b:c487205c05]Update[/b:c487205c05]", klik op de [b:c487205c05]Start update[/b:c487205c05] knop. * onder "[b:c487205c05]Scanner[/b:c487205c05]", tab "Settings":[list:c487205c05]- onder "How to act?", klik op "[u:c487205c05]Recommended actions[/u:c487205c05]" en selecteer [b:c487205c05]Quarantine[/b:c487205c05]. - onder "Reports", selecteer [b:c487205c05]Automatically generate report after every scan[/b:c487205c05] en [u:c487205c05]verwijder[/u:c487205c05] het vinkje bij [b:c487205c05]Only if threats were found[/b:c487205c05][/list:u:c487205c05] Sluit Ewido. Laat het [b:c487205c05]nog niet[/b:c487205c05] scannen.[/list:u:c487205c05] Start je computer op in VEILIGE MODUS http://users.pandora.be/marcvn/spyware/1378056.htm [b:c487205c05]*BELANGRIJK*[/b:c487205c05] Zorg dat de verborgen bestanden en systeembestanden worden weergegeven. (klik hier voor hulp) http://users.telenet.be/marcvn/spyware/1117602.htm [b:c487205c05] start Ewido[/b:c487205c05] Open Ewido Security Suite * klik op Scanner * Klik op complete system scan * Laat het programma je pc scannen Tijdens de scan zal je gevraagd worden of je gevonden bestanden wil verwijderen. Klik dan op OK Als de scan beëindigd is, zal je een knop zienBewaar rapport * Klik op Bewaar rapport * Sla het rapport op op je bureaublad * Sluit Ewido af Herstart je computer in normale modus. plaats dan een nieuw logje van Hijackthis, samen met het rapport van Ewido.
  • heb wat weinig tijd gehad gisteren maar hier is het rapport van Hjt en ewido ewido C:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUSave_Installer.exe -> Adware.SaveNow : Cleaned with backup (quarantined). E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar/Call_of_Duty_PLUS_2_TRAINER-PiZZADOX.ZIP/crack-inf.exe -> Dropper.Agent.aao : Error during cleaning. E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar/call.of.duty.2.multiplayer.private.server.1.0.patch-icu.zip/crack-inf.exe -> Dropper.Agent.aao : Error during cleaning. :mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.103:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.172:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.152:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined). :mozilla.155:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined). :mozilla.156:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined). :mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.87:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.88:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined). :mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). :mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined). F:\nieuwe backup\20043108_165635_PC1\C\Documents and Settings\PC\Cookies\pc@cz8.clickzs[1].txt.nco/20043108_165635_PC1\C\DOCUME~1\PC\Cookies\PC@CZ8~1.TXT -> TrackingCookie.Clickzs : Error during cleaning. :mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@doubleclick[1].txt.nco/20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@DOU~1.TXT -> TrackingCookie.Doubleclick : Error during cleaning. :mozilla.13:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.90:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined). :mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined). :mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.107:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.108:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.210:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.211:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.212:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.213:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.214:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.12:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.151:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined). :mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[2].txt.nco/20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@ADY~2.TXT -> TrackingCookie.Yieldmanager : Error during cleaning. :mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.114:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). ::Report end HJt log Logfile of HijackThis v1.99.1 Scan saved at 14:00:28, on 26/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe D:\ewido\ewido anti-spyware 4.0\guard.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe D:\logitech\iTouch\iTouch.exe D:\d-link\AirGCFG.exe D:\logitech\MouseWare\system\em_exec.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Skype\Phone\Skype.exe D:\HP\Digital Imaging\bin\hpohmr08.exe D:\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe E:\games\hl2\Steam.exe D:\HP\Digital Imaging\bin\hpoevm08.exe D:\HP\Digital Imaging\Bin\hpoSTS08.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe D:\counterspy\sunThreatEngine.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Media Player\wmplayer.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe O4 - HKLM\..\Run: [!ewido] "D:\ewido\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\ewido\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
  • wil je nogmaals Ewido laten scannen en laat nu verwijderen wat het vind. Plaats daarna aub een nieuw logje van HJT aub.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.