PDA

Volledige versie bekijken : Log Pyro


Pyro
20 February 2007, 20:54
Hoi

Mijn pc valt ook steeds uit...ik weet ni meer aan wat het allemaal kan schelen. ik heb windows herinstalleert dus ligt de fout niet aan het register..
ik denk een virus of/en trojan horse
zie hier mijn hijack log

Logfile of HijackThis v1.99.1
Scan saved at 19:52:48, on 20-2-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
E:\Program Files\Avast\aswUpdSv.exe
E:\Program Files\Avast\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Avast\ashMaiSv.exe
E:\Program Files\Avast\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
E:\PROGRA~1\Avast\ashDisp.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Mindjet\MindManager 6\MMReminderService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\DOCUME~1\Sammy\LOCALS~1\Temp\bwgo00014466.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Sammy\Bureaublad\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Mouse Gestures - {A6A49249-57AE-4295-8D4D-18A9502C7D8E} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main .exe" -host -clearDebug
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvsew.dll,startup
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] E:\Program Files\Steam.exe -silent
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe"
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ontvang alles met FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Ontvang met FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - E:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {4E660F19-E91E-41e1-88EF-D1DFAB118F67} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll
O9 - Extra 'Tools' menuitem: Mouse Gestures... - {4E660F19-E91E-41e1-88EF-D1DFAB118F67} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {131EB16C-BD58-443F-8151-6DFBB0DA1778} (Anark Client 3.0 ActiveX Control) - http://install.anark.com/client/version3/windows-ie/en/AMClient.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://parmentiersammy.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1171932093359
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: bw+0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {9779A5A7-9BB8-4CC1-B817-52CC4C193152} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcca - C:\WINDOWS\system32\ddcca.dll (file missing)
O20 - Winlogon Notify: winbfi32 - winbfi32.dll (file missing)
O20 - Winlogon Notify: winhld32 - winhld32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - E:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - E:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

Kan iemand me helpen?
vriendelijke groeten..
jurgenv
20 February 2007, 22:36
Pas herinstalleert en toch malware in je log? Zou me niet verbazen dat het allemaal illegale progs zijn maar goed:


* Als je logitech desktop messenger niet echt gebruikt, dan raad ik je aan die te de-installeren omdat dit onnodig je systeem vertraagd, het zoekt namelijk naar updates voor je logitech producten terwijl dit perfect handmatig kan zonder zo te vertragen.

* Download en installeer AVG Anti-Spyware (http://www.ewido.net/en/download/).
Na de installatie, open AVG Anti-Spyware:
* onder "Status", klik op Change state naast "Resident shield". (wijzig van active naar inactive!)
* onder "Update", klik op de Start update knop.
* onder "Scanner", tab "Settings":- onder "How to act?", klik op "Recommended actions" en selecteer Quarantine. (ZEER BELANGRIJK!)
* onder "Reports", selecteer Automatically generate report after every scan en verwijder het vinkje bij Only if threats were found
Sluit AVG Anti-Spyware. Laat het nog niet scannen.

* Als je Adaware SE nog niet geïnstalleerd hebt, download, installeer en update het dan volgens de richtlijnen
die je kan vinden op: http://users.pandora.be/marcvn/spyware/1414188.htm
Download link van Ad-aware: http://www.lavasoftusa.com/products/ad-aware_se_personal.php

* Start je computer op in VEILIGE MODUS (http://users.pandora.be/marcvn/spyware/1378056.htm)

* Voer een volledige scan uit met Adaware en verwijder alles wat gevonden wordt.

* Start AVG Anti-Spyware.* Klik op Scan en kies Complete System Scan.
Na de scan; volg onderstaande instructies :
BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt !
* Draag er zorg voor dat Set all elements to: op Quarantine staat (1),
zoniet klik op de link en kies Quarantine in de popup menu. (2)
(Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !)
* Onderaan het venster klik op de Apply all Actions knop. (3)
http://home.scarlet.be/~topalex/ewidoscan.jpg
* Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop Save Report.

* Herstart je computer in normale modus.

* Download ATF cleaner (http://www.atribune.org/ccount/click.php?id=1) (by Atribune)

Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij Select All.
Klik op de knop Empty Selected.

Gebruik je ook Firefox als browser:
Klik op tabblad "Firefox", plaats een vinkje bij Select All.
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit verwijdert het vinkje bij "Firefox saved passwords")
Klik op de knop Empty Selected.

Gebruik je ook Opera als browser:
Klik op tabblad "Opera", plaats een vinkje bij Select All.
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop Empty Selected.
Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

* Post dan een nieuw hijackthis logje hier met het rapport van AVG antispyware.