Vraag & Antwoord

Beveiliging & privacy

probleem: asappsrv.dll (hijackthis log)

Anoniem
None
8 antwoorden
 • Hello,

  Ik heb sinds vanochtend zeer traag internet en bureaublad weergeven is ook bijzonder traag. Even na het opstarten van de pc gaf mcaffee een melding van "asappsrv.dll" en hij kan dit niet verwijderen.

  Heb al verschillende programma's laten lopen maar geen die dit verwijderd. Weet er iemand hoe ik het (asappsrv.dll) kan verwijderen of fixen?

  Ik ben ondertussen ook bezig met het zoeken achter een oplossing voor "command service" dat spybot altijd blijft geven en maar niet kan verwijderen, mss dat jullie in dit logje ook een oplossing hiervoor kunnen vinden?

  Dank bij voorbaat


  Logfile of HijackThis v1.99.1
  Scan saved at 14:32:55, on 22/06/2006
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\csrss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
  C:\Program Files\Eset\nod32krn.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\wdfmgr.exe
  C:\WINDOWS\Explorer.EXE
  c:\program files\mcafee.com\vso\mcvsshld.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\WINDOWS\System32\alg.exe
  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
  C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  D:\logitech\iTouch\iTouch.exe
  D:\daemon\daemon.exe
  D:\logitech\MouseWare\system\em_exec.exe
  D:\quicktime\qttask.exe
  C:\Program Files\Common Files\Real\Update_OB\realsched.exe
  D:\d-link\AirGCFG.exe
  C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
  C:\Program Files\MSN Messenger\MsnMsgr.Exe
  C:\Program Files\Skype\Phone\Skype.exe
  D:\HP\Digital Imaging\bin\hpohmr08.exe
  D:\HP\Digital Imaging\bin\hpotdd01.exe
  C:\Program Files\VIA\RAID\raid_tool.exe
  D:\HP\Digital Imaging\bin\hpoevm08.exe
  D:\HP\Digital Imaging\Bin\hpoSTS08.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  C:\WINDOWS\system32\svchost.exe
  D:\counterspy\sunThreatEngine.exe
  D:\counterspy\SunProtectionServer.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\Program Files\McAfee.com\Agent\mcagent.exe
  D:\Hijackthis\HijackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
  O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
  O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe
  O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
  O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
  O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
  O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe
  O4 - HKLM\..\RunOnce: [eISS_cleanup] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cacu_001.exe" /cleanup
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart
  O4 - Global Startup: hp psc 1000 series.lnk = ?
  O4 - Global Startup: hpoddt01.exe.lnk = ?
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000
  O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab
  O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - Winlogon Notify: Run - C:\WINDOWS\system32\cLbview.dll
  O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
 • Start HJT en doe een systemscan only en vink onderstaande regels aan en klik op fix checked.

  [b:bd02fd5745]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
  O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart[/b:bd02fd5745]

  Verwijder via verkenner onderstaand bestand.(dikgedrukt)

  C:\Program Files\[b:bd02fd5745]SpyBro\SpyBro.exe" /autostart[/b:bd02fd5745]  Wil je onderstaand bestand uploaden bij jotti aub. http://virusscan.jotti.org/

  C:\WINDOWS\system32\[b:bd02fd5745]cLbview.dll[/b:bd02fd5745]  Voer eens een online virusscan uit bij [b:bd02fd5745]Panda[/b:bd02fd5745].

  Klik op[b:bd02fd5745]"scan your PC"[/b:bd02fd5745]

  Er opent een nieuw venster

  Klik op [b:bd02fd5745]"check now"[/b:bd02fd5745]

  Er opent een nieuw venster. Vul daar je land in en een geldig e-mail adres.

  Klik dan op [b:bd02fd5745]"scan now"[/b:bd02fd5745]

  [i:bd02fd5745]Als je Panda nog nooit hebt gebruikt, wordt er een [b:bd02fd5745]Active X[/b:bd02fd5745] element gedownload, geef hier toestemming voor door op [b:bd02fd5745]"install"[/b:bd02fd5745] te drukken.[/i:bd02fd5745]

  Je ziet dan in beeld [b:bd02fd5745]"Select a device to scan…" [/b:bd02fd5745]

  kies voor [b:bd02fd5745]"My Computer"[/b:bd02fd5745]

  De computer wordt nu gescand (dit duurt wel even).

  Als de scan klaar is

  Klik op [b:bd02fd5745]"See report" [/b:bd02fd5745]en dan op [b:bd02fd5745]"save report"[/b:bd02fd5745]


  Open het tekstbestand en selecteer de gehele tekst. Kies [b:bd02fd5745]"kopieren"[/b:bd02fd5745] en post het hier in je antwoord.

  Dus in volgende post.
  1 : Het jotti antwoord
  2 : Het panda logje
  3 : een nieuw HJT logje ter controle.

  Succes
 • oke, Ik heb ongeveer gedaan wat je me hebt gezegd.

  dit is ten eerste de log van de panda scan:

  Incident Status Location

  Adware:Adware/Look2Me Not disinfected C:\WINDOWS\system32\cLbview.dll
  Adware:adware/dollarrevenue Not disinfected c:\windows\keyboard121.dat
  Adware:adware/look2me Not disinfected Windows Registry
  Adware:adware/commad Not disinfected Windows Registry
  Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.stat.onestat.com/]
  Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[stat.onestat.com/]
  Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.stat.onestat.com/]
  Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.doubleclick.net/]
  Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.as-eu.falkag.net/]
  Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.metriweb.be/]
  Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.mediaplex.com/]
  Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.hitbox.com/]
  Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.atdmt.com/]
  Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.bluestreak.com/]
  Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.bfast.com/]
  Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.statcounter.com/]
  Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.advertising.com/]
  Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.adtech.de/]
  Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt[.clickbank.net/]
  Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@metriweb[1].txt
  Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@stat.onestat[2].txt
  Adware:Adware/SaveNow Not disinfected C:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUSave_Installer.exe
  Adware:Adware/Yazzle Not disinfected C:\SnowballWarsInstaller.exe
  Dialer:Dialer.Gen Not disinfected D:\scansoft\ScanSoft PaperPort Pro Office 9.0\Other\PagisConverter\ENGLISH\data1.cab[convproc.exe]
  Adware:Adware/Bitamobar Not disinfected E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar[call.of.duty.2.multiplayer.private.server.1.0.patch-icu.zip][crack-inf.exe][autoupdatev2.exe]
  Adware:Adware/Bitamobar Not disinfected E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar[Call_of_Duty_PLUS_2_TRAINER-PiZZADOX.ZIP][crack-inf.exe][autoupdatev2.exe]
  Spyware:Cookie/Atlas DMT Not disinfected F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@atdmt[2].txt
  Spyware:Cookie/Doubleclick Not disinfected F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@doubleclick[1].txt
  Spyware:Cookie/MetriWeb Not disinfected F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@metriweb[1].txt
  Spyware:Cookie/YieldManager Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[2].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@ADY~2.TXT]
  Spyware:Cookie/Belnk Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@belnk[1].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@BEL~1.TXT]
  Spyware:Cookie/Belnk Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@dist.belnk[2].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@DIS~2.TXT]
  Spyware:Cookie/Doubleclick Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@doubleclick[1].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@DOU~1.TXT]
  Spyware:Cookie/MetriWeb Not disinfected F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@metriweb[1].txt.nco[20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@MET~1.TXT]

  als 2de heb is dit de lijst van jotti: eerste kader


  AntiVir
  Found Adware-Spyware/Look2Me.ab adware
  ArcaVir
  Found Adware.Looktome.Ab
  Avast
  Found Win32:Adware-gen.
  AVG Antivirus
  Found Generic.FWR
  BitDefender
  Found Trojan.Candebe.CZ
  ClamAV
  Found Adware.Lookme-26
  Dr.Web
  Found Adware.Look2me
  F-Prot Antivirus
  Found security risk or a "backdoor" program
  Fortinet
  Found Adware/Look2me
  Kaspersky Anti-Virus
  Found not-a-virus:AdWare.Win32.Look2Me.ab
  NOD32
  Found Win32/Adware.Look2Me application
  Norman Virus Control
  Found W32/Look2Me.DE
  UNA
  Found nothing
  VirusBuster
  Found Trojan.PolyAgent.A
  VBA32
  Found AdWare.Look2Me.ab

  2de kader:

  AntiVir Trojan/PSW.LdPinch.jm1
  ArcaVir X
  Avast X
  AVG Antivirus Dropper.Small.27.AC
  BitDefender Trojan.Dropper.Joiner.AJ
  ClamAV X
  Dr.Web Trojan.MulDrop.1161 F-Prot
  Antivirus X
  Fortinet W32/Joiner.AJ!tr
  Kaspersky Anti-Virus Constructor.Win32.MicroJoiner.17
  NOD32 X
  Norman Virus Control X
  UNA X
  VirusBuster X
  VBA32 TrojanDropper.Win32.Joiner.aj

  en dan tenslotte het nieuwe hjt logje:

  Logfile of HijackThis v1.99.1
  Scan saved at 19:50:38, on 23/06/2006
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
  C:\Program Files\Eset\nod32krn.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\Explorer.EXE
  c:\program files\mcafee.com\vso\mcvsshld.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
  C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  D:\logitech\iTouch\iTouch.exe
  D:\d-link\AirGCFG.exe
  D:\logitech\MouseWare\system\em_exec.exe
  C:\Program Files\MSN Messenger\MsnMsgr.Exe
  D:\HP\Digital Imaging\bin\hpohmr08.exe
  D:\HP\Digital Imaging\bin\hpotdd01.exe
  C:\Program Files\VIA\RAID\raid_tool.exe
  D:\HP\Digital Imaging\bin\hpoevm08.exe
  D:\HP\Digital Imaging\Bin\hpoSTS08.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\McAfee.com\Agent\mcagent.exe
  E:\games\hl2\Steam.exe
  C:\Program Files\Windows Media Player\wmplayer.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\WINDOWS\system32\NOTEPAD.EXE
  c:\program files\mcafee.com\vso\mcmnhdlr.exe
  c:\program files\mcafee.com\shared\mghtml.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Microsoft Office\Office\WINWORD.EXE
  C:\WINDOWS\msagent\AgentSvr.exe
  D:\Hijackthis\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
  O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
  O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe
  O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
  O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
  O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  O4 - Global Startup: hp psc 1000 series.lnk = ?
  O4 - Global Startup: hpoddt01.exe.lnk = ?
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000
  O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab
  O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
  O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - Winlogon Notify: Run - C:\WINDOWS\system32\cLbview.dll
  O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe


 • Heel wat wijzer nu.


  * [u:e5c1fac68f]Clean de Cache and Cookies in
 • heb gedaan wat je hebt gezegd

  Look2Me-Destroyer logje:


  Look2Me-Destroyer V1.0.12

  Scanning for infected files…..
  Scan started at 24/06/2006 0:30:06

  Infected! C:\WINDOWS\system32\cLbview.dll
  Infected! C:\WINDOWS\system32\cLbview.dll

  Attempting to delete infected files…

  Attempting to delete: C:\WINDOWS\system32\cLbview.dll
  C:\WINDOWS\system32\cLbview.dll Deleted successfully!

  Attempting to delete: C:\WINDOWS\system32\cLbview.dll
  C:\WINDOWS\system32\cLbview.dll Deleted successfully!

  Making registry repairs.

  Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Run

  Restoring Windows certificates.

  Replaced hosts file with default windows hosts file


  Restoring SeDebugPrivilege for Administrators - Succeeded

  nieuw hjt logje:

  Logfile of HijackThis v1.99.1
  Scan saved at 0:38:44, on 24/06/2006
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
  C:\Program Files\Eset\nod32krn.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  c:\program files\mcafee.com\vso\mcvsshld.exe
  C:\WINDOWS\Explorer.EXE
  C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  D:\logitech\iTouch\iTouch.exe
  D:\d-link\AirGCFG.exe
  D:\logitech\MouseWare\system\em_exec.exe
  C:\Program Files\MSN Messenger\MsnMsgr.Exe
  C:\Program Files\Skype\Phone\Skype.exe
  D:\HP\Digital Imaging\bin\hpohmr08.exe
  D:\HP\Digital Imaging\bin\hpotdd01.exe
  C:\Program Files\VIA\RAID\raid_tool.exe
  D:\HP\Digital Imaging\bin\hpoevm08.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  D:\HP\Digital Imaging\Bin\hpoSTS08.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\wuauclt.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  D:\Hijackthis\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
  O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
  O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe
  O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
  O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
  O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  O4 - Global Startup: hp psc 1000 series.lnk = ?
  O4 - Global Startup: hpoddt01.exe.lnk = ?
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000
  O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab
  O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
  O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
 • Hoeveel virusscanners heb je nu draaien, volgens mij zie ik macfee en NOD32 klopt dat. Als NOD32 onderdeel is van HITman :cry: zou ik die IIG uitzetten of liever helemaal verwijderen(samen met HMP maar dat is persoonlijk)

  Ik zie op dit moment geen rare dingen meer in je logje maar ik wil je toch nog even onderstaande aanbieden.
  * [u:c487205c05]Clean de Cache and Cookies in
 • heb wat weinig tijd gehad gisteren maar hier is het rapport van Hjt en ewido

  ewido

  C:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUSave_Installer.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
  E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar/Call_of_Duty_PLUS_2_TRAINER-PiZZADOX.ZIP/crack-inf.exe -> Dropper.Agent.aao : Error during cleaning.
  E:\games\COD II\cod2 uitgepakt\xtape[1].net.ru_Call_Of_Duty2.rar/call.of.duty.2.multiplayer.private.server.1.0.patch-icu.zip/crack-inf.exe -> Dropper.Agent.aao : Error during cleaning.
  :mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
  :mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
  :mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
  :mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
  :mozilla.103:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
  :mozilla.172:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
  :mozilla.152:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
  :mozilla.155:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
  :mozilla.156:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
  :mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
  :mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
  :mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
  :mozilla.87:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
  :mozilla.88:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
  :mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
  :mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
  F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
  :mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
  :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
  :mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  :mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  :mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  :mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  :mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  :mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  :mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
  F:\nieuwe backup\20043108_165635_PC1\C\Documents and Settings\PC\Cookies\pc@cz8.clickzs[1].txt.nco/20043108_165635_PC1\C\DOCUME~1\PC\Cookies\PC@CZ8~1.TXT -> TrackingCookie.Clickzs : Error during cleaning.
  :mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
  F:\Backup\Documents and Settings\gebruiker\Cookies\gebruiker@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
  F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@doubleclick[1].txt.nco/20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@DOU~1.TXT -> TrackingCookie.Doubleclick : Error during cleaning.
  :mozilla.13:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
  :mozilla.90:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
  :mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
  :mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
  :mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
  :mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
  :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
  :mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
  :mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
  :mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
  :mozilla.107:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
  :mozilla.108:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
  :mozilla.210:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
  :mozilla.211:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
  :mozilla.212:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
  :mozilla.213:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
  :mozilla.214:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
  :mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
  :mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
  :mozilla.12:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
  :mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
  :mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
  :mozilla.151:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
  :mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
  :mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
  F:\backup 30-08-2005\20053008_173552_PC\C\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[2].txt.nco/20053008_173552_PC\C\DOCUME~1\PC\Cookies\PC@ADY~2.TXT -> TrackingCookie.Yieldmanager : Error during cleaning.
  :mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
  :mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
  :mozilla.114:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
  :mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
  :mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\asdlf3vv.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).


  ::Report end

  HJt log

  Logfile of HijackThis v1.99.1
  Scan saved at 14:00:28, on 26/06/2006
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  D:\ewido\ewido anti-spyware 4.0\guard.exe
  c:\program files\mcafee.com\agent\mcdetect.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
  C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
  C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
  C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  D:\logitech\iTouch\iTouch.exe
  D:\d-link\AirGCFG.exe
  D:\logitech\MouseWare\system\em_exec.exe
  C:\Program Files\McAfee.com\VSO\oasclnt.exe
  C:\Program Files\MSN Messenger\MsnMsgr.Exe
  C:\Program Files\Skype\Phone\Skype.exe
  D:\HP\Digital Imaging\bin\hpohmr08.exe
  D:\HP\Digital Imaging\bin\hpotdd01.exe
  C:\Program Files\VIA\RAID\raid_tool.exe
  E:\games\hl2\Steam.exe
  D:\HP\Digital Imaging\bin\hpoevm08.exe
  D:\HP\Digital Imaging\Bin\hpoSTS08.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  D:\counterspy\sunThreatEngine.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\Program Files\Windows Media Player\wmplayer.exe
  D:\Hijackthis\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
  O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
  O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
  O4 - HKLM\..\Run: [zBrowser Launcher] D:\logitech\iTouch\iTouch.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [D-Link AirPlus G] D:\d-link\AirGCFG.exe
  O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
  O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
  O4 - HKLM\..\Run: [SunServer] D:\counterspy\sunserver.exe
  O4 - HKLM\..\Run: [!ewido] "D:\ewido\ewido anti-spyware 4.0\ewido.exe" /minimized
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  O4 - Global Startup: hp psc 1000 series.lnk = ?
  O4 - Global Startup: hpoddt01.exe.lnk = ?
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
  O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
  O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
  O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\DOWNLO~1\OFFICE12\EXCEL.EXE/3000
  O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
  O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
  O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/nl/4,0,0,90/mcinsctl.cab
  O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
  O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/nl/1,0,0,23/mcgdmgr.cab
  O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
  O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
  O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\ewido\ewido anti-spyware 4.0\guard.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
  O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
 • wil je nogmaals Ewido laten scannen en laat nu verwijderen wat het vind.

  Plaats daarna aub een nieuw logje van HJT aub.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.