De eerste regels van de scan laten al een dubieuze .dll zien.

Ik weet niet wat SpyFighter is, maar het staat wel in je startup.

Doe eens Spybot downloaden, die kan ook een hoop rommel weghalen.

En anders moet je eens denken aan een verse Windows installatie, dat
werkt vaak toch nog het beste.

-R.

Beste Gert,

Om geen vergissingen te maken lijkt het mij beter om eerst
Microsoft Anti-Spyware te laten lopen. Te downloaden op

http://www.microsoft.com/downloads/details.aspx?FamilyId=321CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en

Deze is volledig gratis, en werkt ook preventief.

Als daarmee het probleem nog niet opgelost is kan je de
spywarescanner van webroot nog eens proberen (14 dagen
proefversie)

http://www.webroot.com/consumer/downloads/

Als er daarna nog problemen zijn, dan kan je de logs nog
eens posten, maar deze zijn nog echt veel te lang.

Groetjes,

Stefan

Mocht dat niet helpen, dan moet je je pc opnieuw installeren en dan niet
meer op websites komen die voor mensen boven de 18 zijn.

haque.dll
iemand iets gevonden?
lijkt mij :(

Welke spyware is precies gevonden? Op internet heb je ook
verwijderingtools voor spyware, zoals Gain/Gator.

Verder heb ik gemerkt dat SpyFighter op de zwarte lijst staat. Het programma veroorzaakt valse positieve meldingen en probeert daardoor de gebruiker aan te zetten tot aankoop van SpyFighter. Bovendien veroorzaakt het Ads. Misschien is dat de oorzaak van het probleem?

Je vindt de lijst van foute antispywareprogramma's hieronder:

http://www.antispywareoffensief.nl/forum/showthread.php?t=60

Onderzoek naar deze "software" vind je hieronder met een complete lijst:

http://www.spywarewarrior.com/rogue_anti-spyware.htm


Ik raad je daarom aan om SpyFighter te de-installeren en Microsoft Anti Spyware Beta te gebruiken.

Ik zie genoeg "troep" in de logs staan. Eigenlijk zie ik door de bomen het bos niet meer... Wellicht is het verstandig als je eerst de volgende programma's download, update en start..

SpyBot S&D
Ad-Aware
Microsoft Anti-spyware

Het beste is om windows te starten in "Veilige modus" (Safe Mode) en dan te scannen.. Mocht er dan nog wat achterblijven kun je altijd nog HijackThis en/of ewido gebruiken..

Spyfighter is een SmitFraud-variant.
Dit is een groep zeer agressieve en moeilijk te verwijderen
nep-spywarescanners.

Download de SmitFraud-remover van noahdfear:
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
Pak het bestand uit in een eigen map (bv. C:SmitRem)

Download de trial-versie van Ewido Security Suite:
http://www.ewido.net/en/download/
Installeer het, open het en doe een update. Nog NIET scannen!

Start je computer in Veilige Modus.

Ga naar de SmitRem-folder en dubbelklik RunThis.bat om de
nepscanner te verwijderen.

Maakt nu de tempmap van Windows leeg en ook de map met
Tijdelijke Internetbestanden.

Doe een volledige systeemscan met Ewido en bewaar het logje

Herstart de computer in normale modus

Klik op Configuratiescherm > Beeldscherm > Bureaublad >
Bureaublad aanpassen > Website. Haal daar, indien aanwezig,
het vinkje weg voor "Security Info".

Plaats een nieuw HijackThis-logje samen met het logje van de
Ewido en de inhoud van C:smitfiles.txt en vertel er gelijk
bij hoe het nu met de problemen is gesteld.


Jahewi :-)

Allereerst bedankt voor dd reactie (s):

Hierbij als eerste mijn hijackthisrapport:

Logfile of HijackThis v1.99.1
Scan saved at 16:49:05, on 21-12-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSAnvshell.exe
C:Program FilesCreativeShareDLLCtNotify.exe
C:Program FilesCreativeAudioPROGRAMCTMIX32.EXE
C:WINDOWSsystem32dlatfswctrl.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmm_tray.exe
C:Program FilesLogitechiTouchiTouch.exe
C:Program FilesCreativeShareDLLMediaDet.Exe
C:PROGRA~1LogitechMOUSEW~1SYSTEMEM_EXEC.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesLogitechQCDriver3LVCOMS.EXE
C:WINDOWSSystem32CTSvcCDA.exe
C:Program FilesQuickTimeqttask.exe
C:Program Filesewidosecurity suiteewidoctrl.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
C:Program Filesewidosecurity suiteewidoguard.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesMessengermsmsgs.exe
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesPinnacleShared
FilesProgramsSchedulerPCLEScheduler.exe
C:WINDOWStwain_32trust19200SCANER32.EXE
F:Norton AntiVirusnavapsvc.exe
F:Norton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSymantecLiveUpdateALUNOTIFY.EXE
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FileshighjacthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.nl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSsystem32haqye.dll/sp.html#88449
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.nl
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
res://C:WINDOWSsystem32haqye.dll/sp.html#88449
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Startpagina =
file:///C:/Program%20Files/eMakeSV/Portal/portal.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
about:blank
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = localhost
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-
7695ECA05670} - C:Program FilesYahoo!
CompanionInstallscpnycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0
ReaderActiveXAcroIEHelper.ocx
O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - (no
file)
O2 - BHO: Class - {4D253403-A759-B41F-BFC5-5B569B8A80CA} - (no file)
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:PROGRA~1COMMON~1RealToolbarrealbar.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-
001234567890} - C:WINDOWSsystem32dlatfswshx.dll
O2 - BHO: Class - {6AB2BF83-0631-B0B9-D124-C5122F05AC99} - (no file)
O2 - BHO: Class - {79288474-D0EF-F0FD-7337-BEF0B339B85C} - (no file)
O2 - BHO: Class - {797F33D0-1204-41CA-1A3E-630AC5EC5FB7} - (no file)
O2 - BHO: Class - {7FCAB6C6-3F6D-FD6C-EC10-B2B511B05C73} - (no
file)
O2 - BHO: Class - {820EE400-4068-7AC4-7934-F519A5AC7D69} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} -
C:Program FilesMSN AppsST1.03.0000.1005en-xustmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-
64B5B4FF55D0} - C:Program FilesMSN AppsMSN
Toolbar1.02.4000.1001nlmsntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-
FADC6B084872} - F:Norton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-
7859DF00B1D6} - F:Norton AntiVirusNavShExt.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:PROGRA~1COMMON~1RealToolbarrealbar.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} -
C:Program FilesFerretSoftWebFerretFerretBand.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN Toolbar1.02.4000.1001nlmsntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:Program FilesYahoo!
CompanionInstallscpnycomp5_5_7_0.dll
O4 - HKLM..Run: [Anvshell] C:WINDOWSAnvshell.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [Disc Detector] C:Program
FilesCreativeShareDLLCtNotify.exe
O4 - HKLM..Run: [CreativeMixer] C:Program
FilesCreativeAudioPROGRAMCTMIX32.EXE /t
O4 - HKLM..Run: [StorageGuard] "C:Program FilesVERITAS
SoftwareUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [dla] C:WINDOWSsystem32dlatfswctrl.exe
O4 - HKLM..Run: [MMTray] C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe
O4 - HKLM..Run: [zBrowser Launcher] C:Program
FilesLogitechiTouchiTouch.exe
O4 - HKLM..Run: [EM_EXEC] C:PROGRA~1LogitechMOUSEW~1
SYSTEMEM_EXEC.EXE
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec
SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec
SharedccRegVfy.exe"
O4 - HKLM..Run: [Advanced Tools Check] F:NORTON~1
AdvToolsADVCHK.EXE
O4 - HKLM..Run: [LVCOMS] C:Program FilesCommon
FilesLogitechQCDriver3LVCOMS.EXE
O4 - HKLM..Run: [LogitechGalleryRepair] C:Program
FilesLogitechImageStudioISStart.exe
O4 - HKLM..Run: [LogitechImageStudioTray] C:Program
FilesLogitechImageStudioLogiTray.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [PCLEPCI] C:PROGRA~1PinnaclePPEppe.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon
FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [mmtask] C:Program
FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32
PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [SpyFighterMonitor] "C:Program
FilesSpyFighterSpyFighter.exe" monitor
O4 - HKLM..Run: [SpyFighterUpdate] "C:Program
FilesSpyFighterAutoUpdate.exe" silent
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [MSMSGS] "C:Program
FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - HKCU..Run: [SpySweeper] C:Program FilesWebrootSpy
SweeperSpySweeper.exe /0
O4 - Startup: Trust Scanner Utilities.lnk = C:WINDOWStwain_32
trust19200SCANER32.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program
FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = C:Program
FilesPinnacleShared FilesProgramsSchedulerPCLEScheduler.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel -
res://F:MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: Ontvang alle bestanden door Net Transport -
C:Program FilesXiNetTransport 2NTAddList.html
O8 - Extra context menu item: Ontvangst door Net Transport - C:Program
FilesXiNetTransport 2NTAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:Program FilesJavaj2re1.4.2binnpjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2binnpjpi142.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-
00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows
Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?
linkid=39204
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10
Control) - http://220.111.243.145:6505/kxhcm10.ocx
O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom
Class) - http://www.zoomify.com/download/zoomify305.cab
O18 - Protocol: bw+0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-
C34B9B80B32B} - C:Program FilesLogitechDesktop
Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD8FCEB2-FFCB-45CB-A7DC-
CB548527E645} - C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DD8FCEB2-FFCB-45CB-A7DC-
CB548527E645} - C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) -
Unknown owner - C:WINDOWSappve.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec
Corporation - C:Program FilesCommon FilesSymantec
SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) -
Symantec Corporation - C:Program FilesCommon FilesSymantec
SharedccPwdSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:WINDOWSSystem32CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:Program
Filesewidosecurity suiteewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:Program
Filesewidosecurity suiteewidoguard.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner -
C:WINDOWSrunservice.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec
Corporation - F:Norton AntiVirusnavapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec
Corporation - F:Norton AntiVirusAdvToolsNPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) -
TuneUp Software GmbH - C:Program FilesTuneUp Utilities 2004
WinStylerThemeSvc.exe


Hierbij Ewido logje:
---------------------------------------------------------
ewido anti-malware - Scan rapport
---------------------------------------------------------

+ Gemaakt op: 15:11:37, 21-12-2005
+ Rapport samenvatting: 77355727

+ Scan resultaten:

C:Documents and SettingsMarja DiksCookiesmarja
[email]diks@ads.poin[/email]troll[2].txt -> Spyware.Cookie.Pointroll : Schoongemaakt
zonder backup
C:Documents and SettingsMarja DiksCookiesmarja
[email]diks@as1.falk[/email]ag[2].txt -> Spyware.Cookie.Falkag : Schoongemaakt zonder
backup
C:Documents and SettingsMarja DiksCookiesmarja
diks@atdmt[1].txt -> Spyware.Cookie.Atdmt : Schoongemaakt zonder
backup
C:Documents and SettingsMarja DiksCookiesmarja
diks@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Schoongemaakt
zonder backup
C:RECYCLERNPROTECT0119917.TXT ->
Spyware.Cookie.Falkag : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119918.TXT ->
Spyware.Cookie.Falkag : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119919.TXT ->
Spyware.Cookie.Falkag : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119922.TXT ->
Spyware.Cookie.Doubleclick : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119923.TXT ->
Spyware.Cookie.Doubleclick : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119942.TXT ->
Spyware.Cookie.Pointroll : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119943.TXT ->
Spyware.Cookie.Pointroll : Schoongemaakt zonder backup
C:RECYCLERNPROTECT0119944.TXT ->
Spyware.Cookie.Pointroll : Schoongemaakt zonder backup
C:WINDOWSsystem32javaxt.dll -> Downloader.Agent.bc :
Schoongemaakt zonder backup


::Einde rapport

Hierbij inhoud C:/smitfiles.txt


smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [versie 5.1.2600]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!

spyaxe uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~


~~~ Shortcuts ~~~

Install.dat


~~~ Favorites ~~~


~~~ system32 folder ~~~

oleext.dll
logfiles


~~~ Icons in System32 ~~~


~~~ Windows directory ~~~


~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Command Line Process Viewer/Killer/Suspender for Windows
NT/2000/XP V2.03
Copyright(C) 2002-2003 [email]Craig.Peacock@beyondlogic.org[/email]
Killing PID 724 'explorer.exe'

Starting registry repairs

Deleting files


Remaining Post-run Files


~~~ Program Files ~~~


~~~ Shortcuts ~~~


~~~ Favorites ~~~


~~~ system32 folder ~~~


~~~ Icons in System32 ~~~


~~~ Windows directory ~~~


~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~ Wininet.dll ~~~

CLEAN! :)


Nadat ik smitrem run this bat had gedaan trof ewido nog maar een stuk of
15 spyware dingetjes aan..(de dagen hiervoor elke keer tussen 100 en
300)..

bureaublad kan ik nu ook weer aanpassen.
Heb ook nog in veilige modus na ewido adaware gedaan en die trof nog 1
spyware dingetje aan.

Hopelijk kun jij wat met de logs hierboven.

Gert

Jahewi,

ik heb alles gedaan wat jij hebt aanbevolen.
Hieronder de logs:

Hijackthislog:

Logfile of HijackThis v1.99.1
Scan saved at 16:49:05, on 21-12-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSAnvshell.exe
C:Program FilesCreativeShareDLLCtNotify.exe
C:Program FilesCreativeAudioPROGRAMCTMIX32.EXE
C:WINDOWSsystem32dlatfswctrl.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmm_tray.exe
C:Program FilesLogitechiTouchiTouch.exe
C:Program FilesCreativeShareDLLMediaDet.Exe
C:PROGRA~1LogitechMOUSEW~1SYSTEMEM_EXEC.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesLogitechQCDriver3LVCOMS.EXE
C:WINDOWSSystem32CTSvcCDA.exe
C:Program FilesQuickTimeqttask.exe
C:Program Filesewidosecurity suiteewidoctrl.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
C:Program Filesewidosecurity suiteewidoguard.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesMessengermsmsgs.exe
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesPinnacleShared
FilesProgramsSchedulerPCLEScheduler.exe
C:WINDOWStwain_32trust19200SCANER32.EXE
F:Norton AntiVirusnavapsvc.exe
F:Norton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSymantecLiveUpdateALUNOTIFY.EXE
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FileshighjacthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.nl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSsystem32haqye.dll/sp.html#88449
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.nl
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
res://C:WINDOWSsystem32haqye.dll/sp.html#88449
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Startpagina =
file:///C:/Program%20Files/eMakeSV/Portal/portal.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
about:blank
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = localhost
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-
7695ECA05670} - C:Program FilesYahoo!
CompanionInstallscpnycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0
ReaderActiveXAcroIEHelper.ocx
O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - (no
file)
O2 - BHO: Class - {4D253403-A759-B41F-BFC5-5B569B8A80CA} - (no file)
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:PROGRA~1COMMON~1RealToolbarrealbar.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-
001234567890} - C:WINDOWSsystem32dlatfswshx.dll
O2 - BHO: Class - {6AB2BF83-0631-B0B9-D124-C5122F05AC99} - (no file)
O2 - BHO: Class - {79288474-D0EF-F0FD-7337-BEF0B339B85C} - (no file)
O2 - BHO: Class - {797F33D0-1204-41CA-1A3E-630AC5EC5FB7} - (no file)
O2 - BHO: Class - {7FCAB6C6-3F6D-FD6C-EC10-B2B511B05C73} - (no
file)
O2 - BHO: Class - {820EE400-4068-7AC4-7934-F519A5AC7D69} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} -
C:Program FilesMSN AppsST1.03.0000.1005en-xustmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-
64B5B4FF55D0} - C:Program FilesMSN AppsMSN
Toolbar1.02.4000.1001nlmsntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-
FADC6B084872} - F:Norton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-
7859DF00B1D6} - F:Norton AntiVirusNavShExt.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:PROGRA~1COMMON~1RealToolbarrealbar.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} -
C:Program FilesFerretSoftWebFerretFerretBand.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN Toolbar1.02.4000.1001nlmsntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:Program FilesYahoo!
CompanionInstallscpnycomp5_5_7_0.dll
O4 - HKLM..Run: [Anvshell] C:WINDOWSAnvshell.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [Disc Detector] C:Program
FilesCreativeShareDLLCtNotify.exe
O4 - HKLM..Run: [CreativeMixer] C:Program
FilesCreativeAudioPROGRAMCTMIX32.EXE /t
O4 - HKLM..Run: [StorageGuard] "C:Program FilesVERITAS
SoftwareUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [dla] C:WINDOWSsystem32dlatfswctrl.exe
O4 - HKLM..Run: [MMTray] C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe
O4 - HKLM..Run: [zBrowser Launcher] C:Program
FilesLogitechiTouchiTouch.exe
O4 - HKLM..Run: [EM_EXEC] C:PROGRA~1LogitechMOUSEW~1
SYSTEMEM_EXEC.EXE
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec
SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec
SharedccRegVfy.exe"
O4 - HKLM..Run: [Advanced Tools Check] F:NORTON~1
AdvToolsADVCHK.EXE
O4 - HKLM..Run: [LVCOMS] C:Program FilesCommon
FilesLogitechQCDriver3LVCOMS.EXE
O4 - HKLM..Run: [LogitechGalleryRepair] C:Program
FilesLogitechImageStudioISStart.exe
O4 - HKLM..Run: [LogitechImageStudioTray] C:Program
FilesLogitechImageStudioLogiTray.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program
FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [PCLEPCI] C:PROGRA~1PinnaclePPEppe.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon
FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [mmtask] C:Program
FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32
PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [SpyFighterMonitor] "C:Program
FilesSpyFighterSpyFighter.exe" monitor
O4 - HKLM..Run: [SpyFighterUpdate] "C:Program
FilesSpyFighterAutoUpdate.exe" silent
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [MSMSGS] "C:Program
FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - HKCU..Run: [SpySweeper] C:Program FilesWebrootSpy
SweeperSpySweeper.exe /0
O4 - Startup: Trust Scanner Utilities.lnk = C:WINDOWStwain_32
trust19200SCANER32.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program
FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = C:Program
FilesPinnacleShared FilesProgramsSchedulerPCLEScheduler.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel -
res://F:MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: Ontvang alle bestanden door Net Transport -
C:Program FilesXiNetTransport 2NTAddList.html
O8 - Extra context menu item: Ontvangst door Net Transport - C:Program
FilesXiNetTransport 2NTAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:Program FilesJavaj2re1.4.2binnpjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2binnpjpi142.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-
00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows
Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?
linkid=39204
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10
Control) - http://220.111.243.145:6505/kxhcm10.ocx
O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom
Class) - http://www.zoomify.com/download/zoomify305.cab
O18 - Protocol: bw+0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-
C34B9B80B32B} - C:Program FilesLogitechDesktop
Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD8FCEB2-FFCB-45CB-A7DC-
CB548527E645} - C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD8FCEB2-FFCB-45CB-A7DC-CB548527E645} -
C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DD8FCEB2-FFCB-45CB-A7DC-
CB548527E645} - C:Program FilesLogitechDesktop Messenger8876480
ProgramBWPlugProtocol-8876480.dll
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) -
Unknown owner - C:WINDOWSappve.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec
Corporation - C:Program FilesCommon FilesSymantec
SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) -
Symantec Corporation - C:Program FilesCommon FilesSymantec
SharedccPwdSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:WINDOWSSystem32CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:Program
Filesewidosecurity suiteewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:Program
Filesewidosecurity suiteewidoguard.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner -
C:WINDOWSrunservice.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec
Corporation - F:Norton AntiVirusnavapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec
Corporation - F:Norton AntiVirusAdvToolsNPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) -
TuneUp Software GmbH - C:Program FilesTuneUp Utilities 2004
WinStylerThemeSvc.exe

smitfiles.txt


smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [versie 5.1.2600]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!

spyaxe uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~


~~~ Shortcuts ~~~

Install.dat


~~~ Favorites ~~~


~~~ system32 folder ~~~

oleext.dll
logfiles


~~~ Icons in System32 ~~~


~~~ Windows directory ~~~


~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Command Line Process Viewer/Killer/Suspender for Windows
NT/2000/XP V2.03
Copyright(C) 2002-2003 [email]Craig.Peacock@beyondlogic.org[/email]
Killing PID 724 'explorer.exe'

Starting registry repairs

Deleting files


Remaining Post-run Files


~~~ Program Files ~~~


~~~ Shortcuts ~~~


~~~ Favorites ~~~


~~~ system32 folder ~~~


~~~ Icons in System32 ~~~


~~~ Windows directory ~~~


~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~ Wininet.dll ~~~

CLEAN! :)


ewidolog

---------------------------------------------------------
ewido anti-malware - Scan rapport
---------------------------------------------------------

+ Gemaakt op: 19:04:13, 21-12-2005
+ Rapport samenvatting: E715B70

+ Scan resultaten:

C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@ads.poin[/email]troll[1].txt -> Spyware.Cookie.Pointroll :
Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@atdmt[2].txt -> Spyware.Cookie.Atdmt : Schoongemaakt
zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@centrport[1].txt -> Spyware.Cookie.Centrport :
Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@doubleclick[2].txt -> Spyware.Cookie.Doubleclick :
Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@e-2dj6wfkiogdzifo.stats.esom[/email]niture[1].txt ->
Spyware.Cookie.Esomniture : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@e-2dj6wflicodpieo.stats.esom[/email]niture[2].txt ->
Spyware.Cookie.Esomniture : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@e-2dj6wgkiaoazalq.stats.esom[/email]niture[1].txt ->
Spyware.Cookie.Esomniture : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@e-2dj6wgkyejc5afp.stats.esom[/email]niture[2].txt ->
Spyware.Cookie.Esomniture : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@e-2dj6wjliepcjebp.stats.esom[/email]niture[2].txt ->
Spyware.Cookie.Esomniture : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@e-2dj6wjmywhczscp.stats.esom[/email]niture[2].txt ->
Spyware.Cookie.Esomniture : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@mediaplex[1].txt -> Spyware.Cookie.Mediaplex :
Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@questionmarket[1].txt -> Spyware.Cookie.Questionmarket :
Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
[email]scherpenzeel@statse.webt[/email]rendslive[2].txt ->
Spyware.Cookie.Webtrendslive : Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@tpgpost.122.2o7[1].txt -> Spyware.Cookie.2o7 :
Schoongemaakt zonder backup
C:Documents and SettingsG.J. ScherpenzeelCookiesg.j.
scherpenzeel@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion :
Schoongemaakt zonder backup


::Einde rapport

elke keer als ik nu ewido laat scannen, vindt hij elke keer een aantal
malware (spyware) in mijn cookies..

Verder is buraublad succesvol hersteld en lijkt pc weer wat sneller..

Ik hoop dat je wat hebt aan de info in de logs hierboven..

dank,

Sharpius

Ga naar start-->instellingen-->configuratie
scherm-->Software-->Deinstalleer ''Switch''.
Verwijder (indien aanwezig) deze map:
portal en/of eMakeSV

Download ewido (als je die niet hebt)
http://www.ewido.net/en/download/
-->Run een system scan. Post een logje van ewido
-->Ook run je hijackthis, en daarvan post je wederom een logje.

greetz chrizz

Hallo mensen, lees toch eens een keer wat er gepost wordt!
Er is al tig keer geroepen dat meneer ewido en hijackthis
moet downloaden.. Meestal direct na een post met een
hijackthis en ewido log. Hoe zou die meneer die logs toch
gemaakt hebben?!?!? .. Duh!

Het volgende is uit de hijackthis logs die er m.i. niet in
thuis horen:
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =res://C:WINDOWSsystem32haqye.dll/sp.html#88449
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
res://C:WINDOWSsystem32haqye.dll/sp.html#88449
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Startpagina =
file:///C:/Program%20Files/eMakeSV/Portal/portal.html
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - (no
file)
O2 - BHO: Class - {4D253403-A759-B41F-BFC5-5B569B8A80CA} - (no file)
O2 - BHO: Class - {6AB2BF83-0631-B0B9-D124-C5122F05AC99} - (no file)
O2 - BHO: Class - {79288474-D0EF-F0FD-7337-BEF0B339B85C} - (no file)
O2 - BHO: Class - {797F33D0-1204-41CA-1A3E-630AC5EC5FB7} - (no file)
O2 - BHO: Class - {7FCAB6C6-3F6D-FD6C-EC10-B2B511B05C73} - (no
file)
O2 - BHO: Class - {820EE400-4068-7AC4-7934-F519A5AC7D69} - (no file)
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} -
C:Program FilesFerretSoftWebFerretFerretBand.dll
O4 - HKLM..Run: [MMTray] C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe
O4 - HKLM..Run: [mmtask] C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
O4 - HKLM..Run: [SpyFighterMonitor] "C:Program FilesSpyFighterSpyFighter.exe" monitor
O4 - HKLM..Run: [SpyFighterUpdate] "C:Program FilesSpyFighterAutoUpdate.exe" silent
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10
Control) - http://220.111.243.145:6505/kxhcm10.ocx
O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom
Class) - http://www.zoomify.com/download/zoomify305.cab
O23 - Service: Remote Procedure Call (RPC) Helper (11Fßä#·ºÄÖ`I) -
Unknown owner - C:WINDOWSappve.exe (file missing)
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner -
C:WINDOWSrunservice.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) -
TuneUp Software GmbH - C:Program FilesTuneUp Utilities 2004
WinStylerThemeSvc.exe

Beste Sharpius,

Kennelijk ziet het er naar uit dat je uit de brand bent.

Houwen zo.

AntiSpyware software die te vertrouwen is staat hieronder:

Ad Aware Se
SpyBot Search & Destroy
Microsoft Anti Spyware Beta
Spyware Blaster

De laatste naam (Spyware Blaster) komt ook voor als spyware veroorzaker. De echte Spyware Blaster kun je downloaden via de onderstaande link.

http://www.javacoolsoftware.com/

webroot spysweeper ow spyware doctor vind ook best veel
probeer is een gratis trail te downloaden als je die nog
niet had.

Had hetzelfde probleem maar dankzij Ad-Aware is alles weer oke.