Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Nog een Hijack file

Anoniem
smeenk
23 antwoorden
  • De PC van m'n puber dochters ( met Kazaa) …….

    Wie helpt ?



    Logfile of HijackThis v1.99.1
    Scan saved at 21:04:25, on 21-2-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\brss01a.exe
    F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    F:\Program Files\Norton AntiVirus
    avapsvc.exe
    F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\WINDOWS\system32
    vsvc32.exe
    F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Cees Gijsbers\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\program files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5E2B3C89-9B16-4105-9580-A4470D42FBDF} - C:\Documents and Settings\Frida Gijsbers\Local Settings\Application Data\microsoft\internet explorer\5inav.dat
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [P2P Networking2] C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe /AUTOSTART
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [lYUQE1WaîžaaîžaaøY§C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qtfkpsr.exe
    O4 - HKLM\..\Run: [lYUQE1WaîžaaîžaîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qtfkpsr.exe
    O4 - HKLM\..\Run: [Á³#  L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qtfkpsr.exe
    O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] F:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: CleanTemp.lnk = F:\program files\CleanTemp.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.msn.com
    esources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135681009578
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: bw+0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - F:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe




  • Ga naar Configuratiescherm – Software en probeer de volgende programma's te deïnstalleren:
    [b:575ec6abf2]SurfAccuracy
    ISTsvc
    ISTbar
    P2P Networking[/b:575ec6abf2]

    Herstart je computer en plaats een nieuw log van HijackThis :wink:
  • ISTsvc
    ISTbar staan niet in de lijst.



    Logfile of HijackThis v1.99.1
    Scan saved at 20:27:25, on 22-2-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\brss01a.exe
    F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    F:\Program Files\Norton AntiVirus
    avapsvc.exe
    F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\WINDOWS\system32
    vsvc32.exe
    F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Cees Gijsbers\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\program files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5E2B3C89-9B16-4105-9580-A4470D42FBDF} - C:\Documents and Settings\Frida Gijsbers\Local Settings\Application Data\microsoft\internet explorer\5inav.dat
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] F:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: CleanTemp.lnk = F:\program files\CleanTemp.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.msn.com
    esources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135681009578
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: bw+0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - F:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe




  • [quote:8a10131042="charrie"]ISTsvc
    ISTbar staan niet in de lijst.



    Logfile of HijackThis v1.99.1
    Scan saved at 20:27:25, on 22-2-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    [/quote:8a10131042]

    dit is heel gevaarlijk
  • 1. Download ATF cleaner (gemaakt door Atribune)

    2. Start HijackThis nog een keer kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels:
    [b:15666249e1]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
    O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: (no name) - {5E2B3C89-9B16-4105-9580-A4470D42FBDF} - C:\Documents and Settings\Frida Gijsbers\Local Settings\Application Data\microsoft\internet explorer\5inav.dat
    O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    [/b:15666249e1]
    Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

    3. Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij [b:15666249e1]Select All[/b:15666249e1].
    Klik op de knop [b:15666249e1]Empty Selected[/b:15666249e1].

    Gebruik je ook Firefox als browser:
    Klik op tabblad "Firefox", plaats een vinkje bij [b:15666249e1]Select All[/b:15666249e1].
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit haalt het vinkje weer weg bij "Firefox saved passwords")
    Klik op de knop [b:15666249e1]Empty Selected[/b:15666249e1].

    Gebruik je ook Opera als browser:
    Klik op tabblad "Opera", plaats een vinkje bij [b:15666249e1]Select All[/b:15666249e1].
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop [b:15666249e1]Empty Selected[/b:15666249e1].
    Ga naar het tabblad "Main" en klik op de knop [b:15666249e1]Exit[/b:15666249e1] om het programma af te sluiten.

    4. Herstart de computer.

    5. Start HijackThis opnieuw, maak een nieuwe log en post deze ter controle.

    Groeten smeenk :)
  • Ik heb met ATF cleaner niet alle cookies verwijderd, want dan moeten alle wachtwoorden toch weer opnieuw ingevoerd worden ?
    Of moet dat toch ?


    Logfile of HijackThis v1.99.1
    Scan saved at 17:22:08, on 23-2-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\brsvc01a.exe
    C:\WINDOWS\System32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    F:\Program Files\Norton AntiVirus
    avapsvc.exe
    F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\WINDOWS\system32
    vsvc32.exe
    F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Cees Gijsbers\Bureaublad\Nieuwe map\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\program files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] F:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: CleanTemp.lnk = F:\program files\CleanTemp.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.msn.com
    esources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135681009578
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: bw+0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {71B71682-0CC9-498E-9BCC-49585934F50F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - F:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe




  • Je HijackThis logje ziet er weer goed uit :)[quote:277d7f0ea5="charrie"]ISTsvc
    ISTbar staan niet in de lijst.[/quote:277d7f0ea5]Toch zag ik deze niet meer in je logje staan.
    Blijkbaar heb je deze toch gedeïnstalleerd?

    Zorg ervoor dat alle verborgen bestanden en mappen weergegeven worden. Hoe verborgen bestanden en mappen weergeven.
    Haal ook het vinkje weg bij: "Bestandsextensies verbergen voor bekende bestandstypes". Dit bevestigen met "OK".

    Zoek met je verkenner de volgende mappen en/of bestanden(vetgedrukt) en verwijder deze indien ze aanwezig zijn:
    C:\WINDOWS\System32\[b:277d7f0ea5]P2P Networking[/b:277d7f0ea5]\ <= deze map
    C:\WINDOWS\[b:277d7f0ea5]qtfkpsr.exe[/b:277d7f0ea5]
    C:\Program Files\[b:277d7f0ea5]SurfAccuracy[/b:277d7f0ea5]\ <= deze map

    Maak daarna je prullenbak leeg.

    Wat betreft die Cookies, als er veel websites zijn waar je regelmatig inloggen moet kun je deze beter niet verwijderen met ATF Cleaner omdat je dan inderdaad alle wachtwoorden opnieuw invullen moet.

    Je zou ook Ccleaner kunnen gebruiken, deze heeft bij "Geavanceerd" een optie om in te stellen van welke websites de cookies behouden moeten blijven.
    Er zijn veel cookies die erg nutteloos zijn, af en toe opschonen is geen verkeerde zaak :wink:

    Doe een online scan via Panda's online virus scan.
    Krijg je de mogelijkheid om een logje op te slaan dan doe je dit.
    Post ook het logje van Panda.

    Groeten smeenk
  • Ik heb na de active scan nog via zoeken enkele p2p bestanden verwijderd.



    Incident Status Location

    Adware:adware/p2pnetworking Not disinfected C:\WINDOWS\SYSTEM32\P2P Networking v126.cpl
    Dialer:dialer.b Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\EGAUTH.inf
    Adware:adware/savenow Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\WUInst.inf
    Adware:adware/keenvalue Not disinfected C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
    Adware:adware/downloadware Not disinfected C:\WINDOWS\Digital Signature 20031001.htm
    Dialer:dialer.su Not disinfected C:\WINDOWS\run.cxq
    Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
    Adware:adware/delfinmedia Not disinfected C:\PROGRAM FILES\DelFin
    Adware:adware/ist.istbar Not disinfected C:\PROGRAM FILES\gmsoft
    Potentially unwanted tool:application/myway Not disinfected C:\PROGRAM FILES\MyWay
    Adware:adware/cydoor Not disinfected C:\WINDOWS\cdmxtras
    Adware:adware/searchexe Not disinfected Windows Registry
    Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
    Adware:adware/brilliantdigital Not disinfected Windows Registry
    Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Cees Gijsbers\Bureaublad\Nieuwe map\backups\backup-20060223-171136-706.dll
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@ath.belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@belnk[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@dist.belnk[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@banner[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@searchportal.information[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Gast\Cookies\gast@desktop.kazaa[1].txt
    Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Gast\Cookies\gast@kinghost[1].txt
    Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Gast\Cookies\gast@rn11[1].txt
    Dialer:Dialer.ENO Not disinfected C:\Documents and Settings\Julie Gijsbers\Bureaublad\onzin bestanden\Mijn Playarkanoid.exe
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@winfixer[2].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@xiti[1].txt
    Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Julie Gijsbers\Local Settings\Temp\p2psetup.exe
    Spyware:Cookie/3 Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@3[2].txt
    Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@apmebf[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@desktop.kazaa[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@dist.belnk[2].txt
    Spyware:Cookie/Mircx Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@pop.mircx[1].txt
    Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@rightmedia[2].txt
    Spyware:Cookie/MyWay Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@www.xzoomy[1].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@xiti[1].txt
    Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWay\myBar\2.bin\MY2NS.EXE
    Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
    Spyware:Cookie/Kazaa Networks Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@desktop.kazaa[2].txt
    Spyware:Cookie/go Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@go[1].txt
    Spyware:Cookie/Mircx Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@pop.mircx[2].txt
    Spyware:Cookie/Santa Monica networks inc Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@smni[1].txt
    Spyware:Cookie/Advnt Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Dialer:Dialer.AWI Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Local Settings\Temp\$QuickPage\sed.exe
    Dialer:Dialer.SU Not disinfected C:\WINDOWS\run.cxq
    Dialer:Dialer.AWI Not disinfected C:\WINDOWS\SYSTEM32\cp.exe
    Adware:Adware/P2PNetworking Not disinfected C:\WINDOWS\SYSTEM32\P2P Networking v126.cpl
    Dialer:Dialer.AWI Not disinfected C:\WINDOWS\SYSTEM32\sed.exe
    Potentially unwanted tool:Application/MyWay Not disinfected K:\Hijack\backup-20040626-161141-157.dll
    Potentially unwanted tool:Application/FunWeb Not disinfected K:\Hijack\backup-20040626-161141-169.inf
    Adware:Adware/P2PNetworking Not disinfected K:\Hijack\backup-20040626-161141-659.dll
  • Hoi smeenk..

    Ook is het handig om even dit te doen :wink:

    Ga naar Start–>Instellingen–>Config.Scherm–>Software–> En déinstalleer [b:d5191ffa57]LogiTech Desktop manager[/b:d5191ffa57]

    Plaats Vervolgens een nieuw Hijackthislogje.

    Greetz ChRizz..
  • @ChRizz: Je bedoelt het goed, maar je zult bij een dergelijk advies uit moeten leggen waarom die Logitech Desktop Messenger gedeïnstalleerd mag worden.
    Iemand die hardware van Logitech gebruikt zal deze namelijk niet graag verwijderen omdat ze bang zijn dat bijvoorbeeld hun muis het nadien niet meer zal doen.

    De Logitech Desktop Messenger dient alleen om te controleren of er updates zijn voor Logitech producten en geeft daar dan meldingen van.
    Aangezien je natuurlijk ook zelf kan controleren of er updates beschikbaar zijn is dit een onnodig programma dat de prestaties van je PC naar beneden haalt en daarom best wel gedeïnstalleerd mag worden :wink:

    @charrie: geef even aan welke bestanden van het Panda logje je al gevonden en verwijderd hebt :wink:
  • Ik weet niet meer precies welke p2p bestanden ik verwijderd heb, het was geloof ik een mapje in mijn documenten en een aantal dll files.

    Logitech desktop manager verwijderd.

    Ik maak een nieuw Panda log maar dat duurt wel een paar uur.
  • Wacht dan maar met het verwijderen van bepaalde zaken die gevonden worden, ik baseer mijn adviezen altijd op de logjes die geplaatst worden, als daar al dingen gewijzigd zijn kloppen mijn tips eigenijk niet meer :wink:
  • Incident Status Location

    Dialer:dialer.b Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\EGAUTH.inf
    Adware:adware/savenow Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\WUInst.inf
    Adware:adware/keenvalue Not disinfected C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
    Adware:adware/downloadware Not disinfected C:\WINDOWS\Digital Signature 20031001.htm
    Dialer:dialer.su Not disinfected C:\WINDOWS\run.cxq
    Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
    Adware:adware/delfinmedia Not disinfected C:\PROGRAM FILES\DelFin
    Adware:adware/ist.istbar Not disinfected C:\PROGRAM FILES\gmsoft
    Potentially unwanted tool:application/myway Not disinfected C:\PROGRAM FILES\MyWay
    Adware:adware/cydoor Not disinfected C:\WINDOWS\cdmxtras
    Adware:adware/searchexe Not disinfected Windows Registry
    Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
    Adware:adware/brilliantdigital Not disinfected Windows Registry
    Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Cees Gijsbers\Bureaublad\Nieuwe map\backups\backup-20060223-171136-706.dll
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@ath.belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@belnk[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@dist.belnk[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@banner[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@searchportal.information[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Gast\Cookies\gast@desktop.kazaa[1].txt
    Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Gast\Cookies\gast@kinghost[1].txt
    Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Gast\Cookies\gast@rn11[1].txt
    Dialer:Dialer.ENO Not disinfected C:\Documents and Settings\Julie Gijsbers\Bureaublad\onzin bestanden\Mijn Playarkanoid.exe
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@winfixer[2].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@xiti[1].txt
    Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Julie Gijsbers\Local Settings\Temp\p2psetup.exe
    Spyware:Cookie/3 Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@3[2].txt
    Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@apmebf[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@desktop.kazaa[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@dist.belnk[2].txt
    Spyware:Cookie/Mircx Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@pop.mircx[1].txt
    Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@rightmedia[2].txt
    Spyware:Cookie/MyWay Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@www.xzoomy[1].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@xiti[1].txt
    Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWay\myBar\2.bin\MY2NS.EXE
    Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL
    Spyware:Cookie/Kazaa Networks Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@desktop.kazaa[2].txt
    Spyware:Cookie/go Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@go[1].txt
    Spyware:Cookie/Mircx Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@pop.mircx[2].txt
    Spyware:Cookie/Santa Monica networks inc Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@smni[1].txt
    Spyware:Cookie/Advnt Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Dialer:Dialer.AWI Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Local Settings\Temp\$QuickPage\sed.exe
    Dialer:Dialer.SU Not disinfected C:\WINDOWS\run.cxq
    Dialer:Dialer.AWI Not disinfected C:\WINDOWS\SYSTEM32\cp.exe
    Dialer:Dialer.AWI Not disinfected C:\WINDOWS\SYSTEM32\sed.exe
    Potentially unwanted tool:Application/MyWay Not disinfected K:\Hijack\backup-20040626-161141-157.dll
    Potentially unwanted tool:Application/FunWeb Not disinfected K:\Hijack\backup-20040626-161141-169.inf
    Adware:Adware/P2PNetworking Not disinfected K:\Hijack\backup-20040626-161141-659.dll
  • Download Killbox.
    Klik op killbox.exe.
    Kies de optie: "[b:1531e96f76]Delete on reboot[/b:1531e96f76]".

    [b:1531e96f76]Kopieer[/b:1531e96f76] het volgende vetgedrukt deel:

    [b:1531e96f76]C:\WINDOWS\DOWNLOADED PROGRAM FILES\EGAUTH.inf
    C:\WINDOWS\DOWNLOADED PROGRAM FILES\WUInst.inf
    C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
    C:\WINDOWS\Digital Signature 20031001.htm
    C:\WINDOWS\run.cxq
    C:\WINDOWS\smdat32a.sys
    C:\Documents and Settings\Cees Gijsbers\Bureaublad\Nieuwe map\backups\backup-20060223-171136-706.dll
    C:\Documents and Settings\Julie Gijsbers\Bureaublad\onzin bestanden\Mijn Playarkanoid.exe
    C:\Documents and Settings\Julie Gijsbers\Local Settings\Temp\p2psetup.exe
    C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Local Settings\Temp\$QuickPage\sed.exe
    C:\WINDOWS\SYSTEM32\cp.exe
    C:\WINDOWS\SYSTEM32\sed.exe
    K:\Hijack\backup-20040626-161141-157.dll
    K:\Hijack\backup-20040626-161141-169.inf
    K:\Hijack\backup-20040626-161141-659.dll[/b:1531e96f76]

    Open [b:1531e96f76]'file'[/b:1531e96f76] in het killboxmenu bovenaan en kies: [b:1531e96f76]Paste from clipboard[/b:1531e96f76]

    Je zal zien, het bovenstaande vetgedrukte zal staan in het "Full Path of File to Delete"-veld.
    Er is een klein pijltje naast dat veld. Als je daarop klikt zal je al die bovenstaande lijntjes (indien bestanden aanwezig) die je gekopieerd hebt zien staan (dit is alvast de bedoeling)

    Klik op de knop: [b:1531e96f76]All files[/b:1531e96f76] (!Belangrijk!)

    Daarna, Klik op de rode cirkel met het wit kruisje erin.
    Killbox zal zeggen dat deze file zal verwijderd worden on reboot.. vraagt om nu te rebooten. Klik YES.

    Je pc moet nu rebooten.


    Zorg ervoor dat alle verborgen bestanden en mappen weergegeven worden. Hoe verborgen bestanden en mappen weergeven.

    Na de herstart verwijder je de volgende mappen:
    C:[b:1531e96f76]!Killbox[/b:1531e96f76]\ <= dit zijn de backups van Killbox en die mogen wel weg
    C:\PROGRAM FILES\[b:1531e96f76]DelFin[/b:1531e96f76]\
    C:\PROGRAM FILES\[b:1531e96f76]gmsoft[/b:1531e96f76]\
    C:\PROGRAM FILES\[b:1531e96f76]MyWay[/b:1531e96f76]\
    C:\WINDOWS\[b:1531e96f76]cdmxtras[/b:1531e96f76]\

    Maak daarna je prullenbak leeg.
  • Nog een nieuw panda log ?
    Ik zal het vannacht maken.
  • Mag je doen, er zullen waarschijnlijk vooral cookies gevonden worden en wat vermeldingen in het register.
    Misschien kunnen we daar ook iets tegen doen :wink:
  • Incident Status Location

    Adware:adware/savenow Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\WUInst.inf
    Adware:adware/keenvalue Not disinfected C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
    Adware:adware/downloadware Not disinfected C:\WINDOWS\Digital Signature 20031001.htm
    Dialer:dialer.su Not disinfected C:\WINDOWS\run.cxq
    Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
    Adware:adware/searchexe Not disinfected Windows Registry
    Potentially unwanted tool:application/myway Not disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MY WAY SPEEDBAR UNINSTALL
    Adware:adware/p2pnetworking Not disinfected Windows Registry
    Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
    Adware:adware/ist.istbar Not disinfected Windows Registry
    Dialer:dialer.b Not disinfected HKEY_CLASSES_ROOT\Interface\{8F0A06F6-DF4D-4D54-B8CA-E8EEDBAE6DDB}
    Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Cees Gijsbers\Bureaublad\Nieuwe map\backups\backup-20060223-171136-706.dll
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@ath.belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@belnk[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@dist.belnk[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@banner[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@searchportal.information[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Gast\Cookies\gast@desktop.kazaa[1].txt
    Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Gast\Cookies\gast@kinghost[1].txt
    Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Gast\Cookies\gast@rn11[1].txt
    Dialer:Dialer.ENO Not disinfected C:\Documents and Settings\Julie Gijsbers\Bureaublad\onzin bestanden\Mijn Playarkanoid.exe
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@winfixer[2].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@xiti[1].txt
    Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Julie Gijsbers\Local Settings\Temp\p2psetup.exe
    Spyware:Cookie/3 Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@3[2].txt
    Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@apmebf[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@desktop.kazaa[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@dist.belnk[2].txt
    Spyware:Cookie/Mircx Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@pop.mircx[1].txt
    Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@rightmedia[2].txt
    Spyware:Cookie/MyWay Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@www.xzoomy[1].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\steefje\Cookies\steefje@xiti[1].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@desktop.kazaa[2].txt
    Spyware:Cookie/go Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@go[1].txt
    Spyware:Cookie/Mircx Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@pop.mircx[2].txt
    Spyware:Cookie/Santa Monica networks inc Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@smni[1].txt
    Spyware:Cookie/Advnt Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Dialer:Dialer.AWI Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Local Settings\Temp\$QuickPage\sed.exe
    Dialer:Dialer.SU Not disinfected C:\WINDOWS\run.cxq
    Dialer:Dialer.AWI Not disinfected C:\WINDOWS\SYSTEM32\cp.exe
    Dialer:Dialer.AWI Not disinfected C:\WINDOWS\SYSTEM32\sed.exe
    Potentially unwanted tool:Application/MyWay Not disinfected K:\Hijack\backup-20040626-161141-157.dll
    Potentially unwanted tool:Application/FunWeb Not disinfected K:\Hijack\backup-20040626-161141-169.inf
    Adware:Adware/P2PNetworking Not disinfected K:\Hijack\backup-20040626-161141-659.dll
  • Open een kladblokbestand.
    Kopieer onderstaande code in dat bestand
    Sla het bestand op je bureaublad op als delfiles.bat
    Kies voor opslaan als bestandtype: Alle bestanden(*.*)[code:1:ce3d829c08]%systemdrive%
    cd C:\WINDOWS\DOWNLOADED PROGRAM FILES
    del WUInst.inf
    cd C:\WINDOWS\SYSTEM32\DRIVERS\ETC
    del hosts.bho
    cd C:\WINDOWS
    del Digita~1.htm
    del run.cxq
    del smdat32a.sys
    cd C:\Documents and Settings\Cees Gijsbers\Bureaublad\Nieuwe map\backups
    del backup-20060223-171136-706.dll
    cd C:\Documents and Settings\Gast\Cookies
    del gast@desktop.kazaa[1].txt
    del gast@kinghost[1].txt
    del gast@rn11[1].txt
    cd C:\Documents and Settings\Julie Gijsbers\Bureaublad\onzin bestanden
    del MijnPl~1.exe
    cd C:\Documents and Settings\Julie Gijsbers\Local Settings\Temp
    del p2psetup.exe
    cd C:\Documents and Settings\steefje\Cookies
    del steefje@3[2].txt
    del steefje@apmebf[2].txt
    del steefje@belnk[1].txt
    del steefje@c2.gostats[2].txt
    del steefje@desktop.kazaa[2].txt
    del steefje@dist.belnk[2].txt
    del steefje@pop.mircx[1].txt
    del steefje@rightmedia[2].txt
    del steefje@www.xzoomy[1].txt
    del steefje@xiti[1].txt
    del C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Local Settings\Temp\$QuickPage/sed.exe
    del C:\WINDOWS\SYSTEM32\cp.exe
    del C:\WINDOWS\SYSTEM32\sed.exe
    del K:\Hijack\backup-20040626-161141-157.dll
    del K:\Hijack\backup-20040626-161141-169.inf
    del K:\Hijack\backup-20040626-161141-659.dll[/code:1:ce3d829c08]Dubbelklik daarna op delfiles.bat


    1) Open een kladblokbestand.
    2) Kopieer onderstaande code in dit kladblokbestand.
    3) Ga naar Bestand - Opslaan als.
    -Bij "Opslaan in" kies je: Bureaublad
    -Bij "Bestandsnaam" zet je: fix.reg
    -Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    -Klik op de knop Opslaan.[code:1:ce3d829c08]REGEDIT4

    [-HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MY WAY SPEEDBAR UNINSTALL]
    [-HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}]
    [-HKEY_CLASSES_ROOT\Interface\{8F0A06F6-DF4D-4D54-B8CA-E8EEDBAE6DDB}]
    [-HKEY_CLASSES_ROOT\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}]
    [-HKEY_CLASSES_ROOT\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}]
    [-HKEY_CURRENT_USER\Software\P2P Networking]
    [-HKEY_LOCAL_MACHINE\Sofware\P2P Networking]
    [-HKEY_CLASSES_ROOT\clsid\{00041a26-7033-432c-94c7-6371de343822}]
    [-HKEY_CLASSES_ROOT\clsid\{002f4e27-b273-4fa5-adfc-1fb9ed210b37}]
    [-HKEY_CLASSES_ROOT\clsid\{49de8655-4d15-4536-b67c-2aa6c1106740}]
    [-HKEY_CLASSES_ROOT\clsid\{9368d063-44be-49b9-bd14-bb9663fd38fc}]
    [-HKEY_CLASSES_ROOT\interface\{1eb48aa7-d3fe-4e4c-ac8e-b01594496ac0}]
    [-HKEY_CLASSES_ROOT\interface\{42bd9965-303d-4cfb-aae0-dcadcb791a55}]
    [-HKEY_CLASSES_ROOT\interface\{83a13e87-fa20-4b6a-aae8-c1226b5e1573}]
    [-HKEY_CLASSES_ROOT\interface\{f5f0a448-2bcd-459e-8743-c39154ee1ca8}]
    [-HKEY_CLASSES_ROOT\typelib\{a8f92c35-530b-4907-922c-ce31d4b6b14a}]
    [-HKEY_CLASSES_ROOT\webcom.webbar]
    [-HKEY_CLASSES_ROOT\webcom.webbar.1]
    [-HKEY_CLASSES_ROOT\webcom.webbho]
    [-HKEY_CLASSES_ROOT\webcom.webbho.1]
    [-HKEY_CLASSES_ROOT\webcom.webcommand]
    [-HKEY_CLASSES_ROOT\webcom.webcommand.1]
    [-HKEY_CLASSES_ROOT\webcom.websearch]
    [-HKEY_CLASSES_ROOT\webcom.websearch.1]
    [-HKEY_LOCAL_MACHINE\software\search-exe]
    [-HKEY_LOCAL_MACHINE\software\search-exe\prefs]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbarISTbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F1ABCDB-A875-46c1-8345-B72A4567E486}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5F1ABCDB-A875-46c1-8345-B72A4567E486}]
    [-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5F1ABCDB-A875-46c1-8345-B72A4567E486}][/code:1:ce3d829c08]4) Dubbelklik op de fix.reg file en laat de wijzigingen aan het register toevoegen.

    Je zou hierna opnieuw een online scan met Panda kunnen doen om te kijken of alles weg is ;)
  • Bedankt !
    Ik maak nu een nieuwe Panda scan en post het resultaat morgen.
  • Incident Status Location

    Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32m.sys
    Adware:adware/downloadware Not disinfected C:\PROGRAM FILES\MediaLoads
    Dialer:dialer.su Not disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\MODULEUSAGE\C:/WINDOWS/RUN.CXQ
    Adware:adware/searchexe Not disinfected Windows Registry
    Potentially unwanted tool:application/myway Not disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MYWAY
    Adware:adware/surfaccuracy Not disinfected Windows Registry
    Dialer:dialer.b Not disinfected HKEY_CLASSES_ROOT\Interface\{2E30AC01-99D7-4E9C-B13E-94E1701B0AC9}
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@ath.belnk[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@belnk[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@dist.belnk[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Charlotte Gijsbers\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@banner[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@searchportal.information[2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@winfixer[2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Frida Gijsbers\Cookies\frida gijsbers@www.advnt01[1].txt
    Adware:Adware/Gator Not disinfected C:\Documents and Settings\Frida Gijsbers\Local Settings\Temp\FSG.exe
    Spyware:Spyware/Altnet Not disinfected C:\Documents and Settings\Frida Gijsbers\Local Settings\Temp\TopSearch.dll
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@adopt.hbmediapro[1].txt
    Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@azjmp[2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@belnk[1].txt
    Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@c2.gostats[2].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@desktop.kazaa[1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@dist.belnk[2].txt
    Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@offeroptimizer[1].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@winfixer[2].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Julie Gijsbers\Cookies\julie gijsbers@xiti[1].txt
    Spyware:Cookie/Kazaa Networks Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@desktop.kazaa[2].txt
    Spyware:Cookie/go Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@go[1].txt
    Spyware:Cookie/Mircx Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@pop.mircx[2].txt
    Spyware:Cookie/Santa Monica networks inc Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@smni[1].txt
    Spyware:Cookie/Advnt Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Cookies\charlotte gijsbers@www.advnt01[1].txt
    Dialer:Dialer.AWI Not disinfected C:\RECYCLER\S-1-5-21-643571872-3685698554-67682326-1012\Dc195\Local Settings\Temp\$QuickPage\sed.exe

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.