Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

spyware.exe

None
4 antwoorden
  • Ik heb een irritante ad-ware of spyware op mijn systeem geeft iedere keer aan your computer is infected!. geeft na het schoonmaken met ad-aware/spybots/mcafee/ccleaner nog steeds aan…

    kan hem niet uit of weghalen hier is ook mijn logje:

    Logfile of HijackThis v1.99.1
    Scan saved at 22:16:40, on 27-12-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\mssearchnet.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    E:\multimedia\Creative\Surround Mixer\CTSysVol.exe
    E:\multimedia\Creative\DVDAudio\CTDVDDet.EXE
    E:\multimedia\pinnacle\pctv pro\Remote\Remoterm.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    E:\multimedia\Creative\mediasource\Detector\CTDetect.exe
    E:\Util\FDF\FASTDE~1\FAST2.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Messenger\msmsgs.exe
    E:\multimedia\Creative\mediasource\Go\CTCMSGo.exe
    E:\Antivirus Program\Spybot - Search & Destroy\TeaTimer.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    E:\Antivirus Program\Hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [CTSysVol] E:\multimedia\Creative\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] E:\multimedia\Creative\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe

    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [PCTVRemote] E:\multimedia\pinnacle\pctv pro\Remote\Remoterm.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [gcasServ] "E:\Antivirus Program\microsoft antispyware\gcasServ.exe"
    O4 - HKLM\..\Run: [PCLEPCI] E:\MULTIM~1\pinnacle\PPE\ppe.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [Creative Detector] "E:\multimedia\Creative\mediasource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [FAST Defrag] E:\Util\FDF\FASTDE~1\FAST2.EXE -tray
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Creative MediaSource Go] "E:\multimedia\Creative\mediasource\Go\CTCMSGo.exe" /SCB
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Antivirus Program\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: HDDlife.lnk = E:\Util\hddlife\HDDlifePro.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Util\Logitech 518\SetPoint\SetPoint.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Internet\java\bin
    pjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Internet\java\bin
    pjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads
    tpatch/v2/EARTPX.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com
    esource/download/scanner/en-us/wlscbase2213.cab
    O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,8/McUpdatePortal.cab
    O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate - Activex Control) - http://support.fujitsu-siemens.de/DeskUpdate/isapi/activex.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4630/mcfscan.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
    O18 - Protocol: bw+0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

    wie oh wie kan my heloen ? van hieruit thanx




  • Print deze instructies uit of sla ze op in een kladblokbestand en plaatst dit op je bureaublad.

    1. Download [b:c822460566]smitRem.exe[/b:c822460566].
    Pak alle bestanden uit op je bureaublad.

    2. Start je computer op in [b:c822460566]veilige modus[/b:c822460566].

    3. Open de smitrem-map op je bureaublad, en dubbelklik op RunThis.bat. Volg de aanwijzigingen op het scherm.
    Je bureaublad en ikoontjes zullen even verdwijnen en daarna terug verschijnen, dit is normaal.
    Wacht tot het tooltje zijn werk heeft gedaan en Disk Cleanup afgelopen is. Dit kan enige tijd duren, dus wees geduldig.

    4. Ga naar Start - configuratiescherm - vormgeving en thema's (als dat er niet staat moet je even op "Categorieweergave" klikken) - bureaublad - bureaublad aanpassen - Website .
    Verwijder alles wat daar eventueel staat (behalve "Mijn huidige pagina").

    5. Herstart je computer in normale modus.

    6. Doe een online scan via [b:c822460566]Panda's online virus scan[/b:c822460566].
    Krijg je de mogelijkheid om een logje op te slaan dan doe je dit.

    7. Maak een nieuw HijackThis log en post deze.
    Post ook het rapport (logje) van de Panda online scan.
    Zoek naar c:\smitfiles.txt en post de inhoud van dit bestand ook.
    Vertel even hoe de situatie nu is.

    Groeten smeenk ;)
  • [quote:9d54c732b1="smeenk"]Print deze instructies uit of sla ze op in een kladblokbestand en plaatst dit op je bureaublad.

    1. Download [b:9d54c732b1]smitRem.exe[/b:9d54c732b1].
    Pak alle bestanden uit op je bureaublad.

    2. Start je computer op in [b:9d54c732b1]veilige modus[/b:9d54c732b1].

    3. Open de smitrem-map op je bureaublad, en dubbelklik op RunThis.bat. Volg de aanwijzigingen op het scherm.
    Je bureaublad en ikoontjes zullen even verdwijnen en daarna terug verschijnen, dit is normaal.
    Wacht tot het tooltje zijn werk heeft gedaan en Disk Cleanup afgelopen is. Dit kan enige tijd duren, dus wees geduldig.

    4. Ga naar Start - configuratiescherm - vormgeving en thema's (als dat er niet staat moet je even op "Categorieweergave" klikken) - bureaublad - bureaublad aanpassen - Website .
    Verwijder alles wat daar eventueel staat (behalve "Mijn huidige pagina").

    5. Herstart je computer in normale modus.

    6. Doe een online scan via [b:9d54c732b1]Panda's online virus scan[/b:9d54c732b1].
    Krijg je de mogelijkheid om een logje op te slaan dan doe je dit.

    7. Maak een nieuw HijackThis log en post deze.
    Post ook het rapport (logje) van de Panda online scan.
    Zoek naar c:\smitfiles.txt en post de inhoud van dit bestand ook.
    Vertel even hoe de situatie nu is.

    Groeten smeenk ;)[/quote:9d54c732b1]


    thanx voor de snelle antwoord hier mijn nieuwe logje van Hijack:
    Logfile of HijackThis v1.99.1
    Scan saved at 8:56:40, on 29-12-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    E:\Antivirus Program\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    E:\multimedia\Creative\Surround Mixer\CTSysVol.exe
    E:\multimedia\Creative\DVDAudio\CTDVDDet.EXE
    E:\multimedia\pinnacle\pctv pro\Remote\Remoterm.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    E:\Antivirus Program\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\multimedia\Creative\mediasource\Detector\CTDetect.exe
    E:\Util\FDF\FASTDE~1\FAST2.EXE
    C:\Program Files\Messenger\msmsgs.exe
    E:\multimedia\Creative\mediasource\Go\CTCMSGo.exe
    E:\Util\Logitech 518\SetPoint\SetPoint.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\MULTIM~1\pinnacle\SHARED~1\Filter\server.exe
    E:\multimedia\pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    E:\multimedia\pinnacle\pctv pro\Vision\Vision.exe
    E:\MULTIM~1\pinnacle\SHARED~1\Filter\VBI_SE~1.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Outlook Express\msimn.exe
    E:\Antivirus Program\Hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [CTSysVol] E:\multimedia\Creative\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] E:\multimedia\Creative\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe

    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [PCTVRemote] E:\multimedia\pinnacle\pctv pro\Remote\Remoterm.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [PCLEPCI] E:\MULTIM~1\pinnacle\PPE\ppe.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [SpySweeper] "E:\Antivirus Program\Spy Sweeper\SpySweeper.exe" /startintray
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [Creative Detector] "E:\multimedia\Creative\mediasource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [FAST Defrag] E:\Util\FDF\FASTDE~1\FAST2.EXE -tray
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Creative MediaSource Go] "E:\multimedia\Creative\mediasource\Go\CTCMSGo.exe" /SCB
    O4 - Startup: HDDlife.lnk = E:\Util\hddlife\HDDlifePro.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Util\Logitech 518\SetPoint\SetPoint.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Internet\java\bin
    pjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Internet\java\bin
    pjpi150_04.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads
    tpatch/v2/EARTPX.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com
    esource/download/scanner/en-us/wlscbase2213.cab
    O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,8/McUpdatePortal.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate - Activex Control) - http://support.fujitsu-siemens.de/DeskUpdate/isapi/activex.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4630/mcfscan.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
    O18 - Protocol: bw+0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {02A5B628-C308-4F7E-B695-CA563D3C7F9F} - E:\Util\Logitech 518\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter: text/html - (no CLSID) - (no file)
    O18 - Filter: text/plain - (no CLSID) - (no file)
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - E:\Antivirus Program\Spy Sweeper\WRSSSDK.exe

    hier een logje van panda:


    Incident Status Location

    Adware:adware/wupd Not desinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\activex.inf
    Adware:adware/look2me Not desinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\activex.ocx
    Adware:adware/dollarrevenue Not desinfected C:\WINDOWS\drsmartload.dat
    Adware:adware/secure32 Not desinfected C:\WINDOWS\system32\drivers\etc\hosts
    hier logje van smitfiles:


    smitRem © log file
    version 2.8

    by noahdfear


    Microsoft Windows XP [versie 5.1.2600]

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    checking for ShudderLTD key

    ShudderLTD key not present!

    checking for PSGuard.com key


    PSGuard.com key not present!


    checking for WinHound.com key


    WinHound.com key not present!




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    SpyAxeFix © by noahdfear

    spyaxe directory present

    spyaxe uninstaller present

    Starting spyaxe uninstaller

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"
    "{A2C8F6B1-7C2A-3D1C-A3C6-A1FDA113B43F}"="Security Update"

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Winhound uninstaller NOT present
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Existing Pre-run Files


    ~~~ Program Files ~~~



    ~~~ Shortcuts ~~~

    Online Security Guide.url
    Security Troubleshooting.url


    ~~~ Favorites ~~~



    ~~~ system32 folder ~~~

    wbeconm.dll
    1024 dir
    msvol.tlb
    ncompat.tlb
    nvctrl.exe
    mscornet.exe
    hp***.tmp


    ~~~ Icons in System32 ~~~

    ot.ico


    ~~~ Windows directory ~~~



    ~~~ Drive root ~~~


    ~~~ Miscellaneous Files/folders ~~~




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
    Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
    Killing PID 824 'explorer.exe'
    Killing PID 824 'explorer.exe'

    Starting registry repairs

    Deleting files


    Remaining Post-run Files


    ~~~ Program Files ~~~



    ~~~ Shortcuts ~~~

    Online Security Guide.url


    ~~~ Favorites ~~~



    ~~~ system32 folder ~~~



    ~~~ Icons in System32 ~~~



    ~~~ Windows directory ~~~



    ~~~ Drive root ~~~



    ~~~ Miscellaneous Files/folders ~~~




    ~~~ Wininet.dll ~~~

    CLEAN! :)

    voor de rest is het al verholpen alleen zal ik natuurlijk voor aankomende tijd ff windows en mijn harde schijven toch een grote herinstallatie en schoonmaak houden…schijven ff formateren en opnieuw herindelen.

    thanx en een prettige nieuwjaar toegewenst en ga door met deze digitale vrijwillige help forum.

    Ps, ik hou ff in de gaten of er nog mogelijke resten van spy-ad-phish-en andere gevaren nog zijn…

    grtjes wingman….




  • Graag gedaan hoor :)

    Deze regels mag je nog fixen met behulp van HijackThis:
    [b:9ea4b4869b]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O4 - HKCU\..\Run: [LDM] \Program\
    O18 - Filter: text/html - (no CLSID) - (no file)
    O18 - Filter: text/plain - (no CLSID) - (no file)
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads
    tpatch/v2/EARTPX.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com
    esource/download/scanner/en-us/wlscbase2213.cab
    O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,8/McUpdatePortal.cab
    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab [/b:9ea4b4869b]

    Deze snelkoppeling is nog aanwezig op je systeem, zoek deze op en verwijder deze: [b:9ea4b4869b]Online Security Guide.url [/b:9ea4b4869b]


    Download Killbox.
    Klik op killbox.exe.
    Kies de optie: "[b:9ea4b4869b]Delete on reboot[/b:9ea4b4869b]".

    [b:9ea4b4869b]Kopieer[/b:9ea4b4869b] het volgende vetgedrukt deel:

    [b:9ea4b4869b]C:\WINDOWS\DOWNLOADED PROGRAM FILES\activex.inf
    C:\WINDOWS\DOWNLOADED PROGRAM FILES\activex.ocx
    C:\WINDOWS\drsmartload.dat[/b:9ea4b4869b]

    Open [b:9ea4b4869b]'file'[/b:9ea4b4869b] in het killboxmenu bovenaan en kies: [b:9ea4b4869b]Paste from clipboard[/b:9ea4b4869b]

    Je zal zien, het bovenstaande vetgedrukte zal staan in het "Full Path of File to Delete"-veld.
    Er is een klein pijltje naast dat veld. Als je daarop klikt zal je al die bovenstaande lijntjes (indien bestanden aanwezig) die je gekopieerd hebt zien staan (dit is alvast de bedoeling)

    Klik op de knop: [b:9ea4b4869b]All files[/b:9ea4b4869b] (!Belangrijk!)

    Daarna, Klik op de rode cirkel met het wit kruisje erin.
    Killbox zal zeggen dat deze file zal verwijderd worden on reboot.. vraagt om nu te rebooten. Klik YES.

    Je pc moet nu rebooten.

    Daarna zijn die 3 bestanden verdwenen :wink: :)

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.