xydzyh.exe wants to lodge itself in startup


  • xydzyh.exe wants to lodge itself in startup

    For a week I had problems while booting my laptop (XP Prof). Startup Monitor kept reporting that xydzyh.exe wanted to add itself to the startup. I answered no every time, but I still got a lot of pop-ups and even spontaneous audio advertisements (and/or radio?). I also observed 6 or more simultaneous instances of Explorer, after I no longer had any Explorer open on the desktop.

    Ran CCleaner, Spybot S&D and Ad-Aware without results. Also had Avast scan the whole hard disk. Then (after Googling) I ran removevideoactivexobject.exe, after which xydzyh.exe no longer came up after a restart. Still, I see (in Process Explorer) cmd.exe very high in CPU and memory usage.
    Could you please take a good look through my HijackThis log?
    Many thanks in advance.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:38:58 PM, on 22-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\program files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\program files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\cmd.exe
    D:\Websites\xampp\apache\bin\apache.exe
    C:\WINDOWS\system32\ASWLSVC.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\bmwebcfg.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
    C:\Program Files\IDrive\IDriveE Service.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\MNSFramework.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    D:\Websites\xampp\apache\bin\apache.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\sm56hlpr.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\StartupMonitor.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\Program Files\FlashGet\flashget.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\Comodo\Firewall\cfp.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\PROGRAM INSTALLATIONS\PROCESSEXPLORER\PROCEXP.EXE
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\WINDOWS\system32\javaw.exe
    C:\Program Files\FreePOPs\freepopsd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R3 - URLSearchHook: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_061230.dll start
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file)
    O2 - BHO: BHO_BlockHTTP Class - {1F023FFF-B052-489C-A6B4-3D8DECBFCAD6} - C:\Program Files\TELUS Mobility\Connection Manager\BlockHTTP.dll
    O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: TBSB07235 - {7ACBC613-4EE3-417E-899E-185065A22907} - C:\PROGRA~1\QUICKN~1\MYSPAC~1.DLL (file missing)
    O2 - BHO: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\skype_toolbar.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
    O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
    O3 - Toolbar: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Note this (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu1.html
    O8 - Extra context menu item: Note this item (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu2.html
    O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
    O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
    O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
    O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
    O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
    O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
    O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
    O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
    O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
    O9 - Extra 'Tools' menuitem: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Movies Extractor Scout LITE - {D1EF084D-C97F-49C2-BFFB-D77A61A27761} - C:\Program Files\Movies Extractor Scout LITE\flashextract.exe
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
    O9 - Extra 'Tools' menuitem: KeepV - Video Detector - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
    O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
    O9 - Extra 'Tools' menuitem: KeepV - Send Video - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
    O9 - Extra button: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
    O9 - Extra 'Tools' menuitem: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O10 - Unknown file in Winsock LSP: bmnet.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://81.205.150.70:10000/activex/AMC.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
    O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.92.176.201:9995/activex/AMC.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\toolbars\Shared\Skype4ComAPI.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apache2.2 - Apache Software Foundation - D:\Websites\xampp\apache\bin\apache.exe
    O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
    O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IDriveE Service - Pro Softnet Corporation - C:\Program Files\IDrive\IDriveE Service.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MNS Framework (MNSFramework) - Unknown owner - C:\WINDOWS\system32\MNSFramework.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
    O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe

    --
    End of file - 19901 bytes
    Last edited by ashley; 22-12-07, 19:00.

  • #2
    Hello Ashley,

    Close all open windows.
    Start HijackThis once more and tick the following items:

    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_061230.dll start
    O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file)


    Then click "Fix checked" and close HijackThis.

    Restart the computer.
    Start HijackThis again, create a new log and post it.

    Comment
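An added example, not part of the original posts: a small Python check that picks out the two kinds of entry ticked in reply #2 (a UserInit value that starts something besides userinit.exe, and a BHO registration with no file behind it) and then confirms against a follow-up log that they are gone. The function names are hypothetical, the log lines are excerpts copied from this thread, and treating everything after userinit.exe as an extra launch is this example's assumption.

```python
import re

# Excerpts copied from the two HijackThis logs in this thread
# (first log, and the log posted after "Fix checked" and a restart).
LOG_BEFORE = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_061230.dll start
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"""
LOG_AFTER = r"""
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"""

# A HijackThis entry line looks like "<section code> - <description>".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*?)\s*$")


def parse(log):
    """Return (code, text) pairs for every entry line; headers and paths are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def userinit_extras(text):
    """Return the comma-separated UserInit commands other than userinit.exe itself."""
    m = re.search(r"UserInit=(.*)$", text, re.IGNORECASE)
    if not m:
        return []
    parts = [p.strip() for p in m.group(1).split(",") if p.strip()]
    extras = []
    for p in parts:
        low = p.lower()
        # Assumption: only the system32 copy (or the bare name) counts as the default.
        if low == "userinit.exe" or low.endswith(r"\system32\userinit.exe"):
            continue
        extras.append(p)
    return extras


def suspicious(log):
    """Flag F2 UserInit entries with extra commands and registrations with no file."""
    findings = []
    for code, text in parse(log):
        if code == "F2":
            for extra in userinit_extras(text):
                findings.append((code, "UserInit also launches: " + extra, text))
        elif code in ("O2", "O3", "O9") and text.endswith("(no file)"):
            findings.append((code, "registration points to no file", text))
    return findings


def still_present(findings, log_after):
    """Return the flagged entries that still appear in a later log."""
    after_texts = {text for _, text in parse(log_after)}
    return [f for f in findings if f[2] in after_texts]


if __name__ == "__main__":
    flagged = suspicious(LOG_BEFORE)
    for code, reason, _ in flagged:
        print(code, "-", reason)
    print("left after fix:", len(still_present(flagged, LOG_AFTER)))
```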


    • #3
      new log

      OK Marckie, advice followed. Here is the new log:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 11:50:32 PM, on 26-12-2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16574)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Ahead\InCD\InCDsrv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\sm56hlpr.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Wireless Console 2\wcourier.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
      C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Ahead\InCD\InCD.exe
      C:\WINDOWS\StartupMonitor.exe
      C:\WINDOWS\ATK0100\HControl.exe
      C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
      C:\Program Files\FlashGet\flashget.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      D:\Websites\xampp\apache\bin\apache.exe
      C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\WINDOWS\system32\ASWLSVC.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\system32\bmwebcfg.exe
      C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
      C:\WINDOWS\system32\cisvc.exe
      C:\Program Files\Comodo\Firewall\cmdagent.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
      C:\Program Files\IDrive\IDriveE Service.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\system32\MNSFramework.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Viewpoint\Common\ViewpointService.exe
      C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
      C:\WINDOWS\system32\mqsvc.exe
      C:\WINDOWS\system32\mqtgsvc.exe
      D:\Websites\xampp\apache\bin\apache.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\ATK0100\ATKOSD.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
      R3 - URLSearchHook: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: BHO_BlockHTTP Class - {1F023FFF-B052-489C-A6B4-3D8DECBFCAD6} - C:\Program Files\TELUS Mobility\Connection Manager\BlockHTTP.dll
      O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
      O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: TBSB07235 - {7ACBC613-4EE3-417E-899E-185065A22907} - C:\PROGRA~1\QUICKN~1\MYSPAC~1.DLL (file missing)
      O2 - BHO: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
      O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\skype_toolbar.dll
      O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
      O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
      O3 - Toolbar: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
      O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
      O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
      O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
      O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
      O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
      O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
      O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
      O4 - Global Startup: Bluetooth Manager.lnk = ?
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
      O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Note this (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu1.html
      O8 - Extra context menu item: Note this item (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu2.html
      O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
      O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
      O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
      O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
      O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
      O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
      O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
      O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
      O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
      O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
      O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
      O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
      O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
      O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
      O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
      O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
      O9 - Extra 'Tools' menuitem: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Movies Extractor Scout LITE - {D1EF084D-C97F-49C2-BFFB-D77A61A27761} - C:\Program Files\Movies Extractor Scout LITE\flashextract.exe
      O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
      O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
      O9 - Extra 'Tools' menuitem: KeepV - Video Detector - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
      O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
      O9 - Extra 'Tools' menuitem: KeepV - Send Video - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
      O9 - Extra button: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
      O9 - Extra 'Tools' menuitem: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: bmnet.dll
      O10 - Unknown file in Winsock LSP: bmnet.dll
      O10 - Unknown file in Winsock LSP: bmnet.dll
      O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
      O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
      O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
      O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://81.205.150.70:10000/activex/AMC.cab
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
      O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
      O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
      O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.92.176.201:9995/activex/AMC.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\toolbars\Shared\Skype4ComAPI.dll
      O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Apache2.2 - Apache Software Foundation - D:\Websites\xampp\apache\bin\apache.exe
      O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
      O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
      O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
      O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: IDriveE Service - Pro Softnet Corporation - C:\Program Files\IDrive\IDriveE Service.exe
      O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
      O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: MNS Framework (MNSFramework) - Unknown owner - C:\WINDOWS\system32\MNSFramework.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
      O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
      O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
      O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
      O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe

      --
      End of file - 19132 bytes



      • #4
        Are there any remaining problems?



        • #5
          still a small problem

          First of all, I now get a Microsoft warning that you are a "Suspicious Website": This might be a phishing website. I answered that it is not; but that is beside the point.

          My CPU usage and memory usage seem to have returned to normal. No more high values while idle.
          However, I still have a small problem during startup.
          I keep getting 2 errors:

          cfpres
          Error 0x0 failed fo c:\Documents and Settings\...\Application Data\Comodo\Firewall Pro\Data\ResFiles\activity.ico

          cfp
          Error: Error while extracting resources from C:\Program Files\Comodo\Firewall\cfpres.dll aborting application.

          After that, Comodo does not start automatically.

          Once the restart has fully finished churning, I can start Comodo again without problems.

          Last week I already reinstalled Comodo once, without result at that time....

          Thanks again in advance for thinking along and for the advice.



          • #6
            Are you using the latest version of Comodo?

            Uninstall Comodo, restart the computer and delete all remaining files and folders related to Comodo.

            Then install the latest version of Comodo.



            • #7
              Reinstalled Comodo. Still problems. IE hangs now and then, or there is even a BSOD.



              • #8
                Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
                Place it on your desktop.
                Double-click it to start the program.
                In the window that appears, type a 1 to run the cleaning and analysis process.
                Follow the on-screen instructions.
                When the tool is finished, a log file (combofix.txt) opens.
                Post the contents of this file together with a new HijackThis log.

                Also report the exact contents of the BSOD.



                • #9
                  Follow-up

                  Dear Marckie,

                  I cannot give the text of the BSOD. It is also not the familiar (sic) W98 BSOD.
                  What happens is that my Asus XP laptop appears to freeze. It then shows a blue screen on which all sorts of pieces of hard disk directory information are vaguely visible, scattered across the screen. After a few seconds the PC shuts off completely.

                  Sometimes only IE hangs, with varying errors. The last one was:
                  _______________
                  Explore.exe - Application error.
                  The instruction on 0x032bff9c referenced memory at "0x00000000" The memory could not be "written".
                  click on OK to terminate the program. click on cancel to debug the program

                  It is, by the way, not the case that I cannot work with the PC. Sometimes it goes entirely well for a few days.........
                  Sometimes 1 to 3 crashes in 1 day.

                  Thanks again in advance for your attention! I really appreciate this!!

                  _______________

                  The ComboFix log:

                  ComboFix 08-01-04.1 - Cees 2007-12-30 13:40:09.1 - FAT32x86
                  Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1075 [GMT 1:00]
                  Running from: C:\Downloads\ComboFix.exe
                  * Created a new restore point
                  .
                  The following files were disabled during the run:
                  C:\WINDOWS\system32\guard32.dll
                  C:\WINDOWS\system32\guard32.dll


                  ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
                  .

                  C:\Documents and Settings\Cees\Application Data\rbap450.dll
                  C:\dup2.exe
                  C:\mydelm.bat
                  C:\WINDOWS\mywinsys.ini
                  C:\WINDOWS\system\svchest.reg
                  C:\WINDOWS\system32\a.exe
                  C:\WINDOWS\system32\AlxRes061230.exe
                  C:\WINDOWS\system32\cfx32.ocx
                  C:\WINDOWS\system32\drivers\npf.sys
                  C:\WINDOWS\system32\packet.dll
                  C:\WINDOWS\system32\pthreadVC.dll
                  C:\WINDOWS\system32\scrsys061230.scr
                  C:\WINDOWS\system32\scrsys16_061230.scr
                  C:\WINDOWS\system32\winsys16_061230.dll
                  C:\WINDOWS\system32\winsys32_061230.dll
                  C:\WINDOWS\system32\wpcap.dll
                  D:\Autorun.inf

                  .
                  ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

                  .
                  -------\NPF


                  ((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
                  .

                  2008-01-03 00:59 . 2008-01-03 00:59 <DIR> d-------- C:\Program Files\Aveo
                  2008-01-03 00:59 . 2008-01-03 01:29 660 --a------ C:\WINDOWS\reg.prm
                  2008-01-03 00:58 . 2000-12-13 16:44 102,456 --a------ C:\WINDOWS\system32\hpzlnt01.dll
                  2008-01-01 23:42 . 2008-01-01 23:42 <DIR> d-------- C:\Program Files\COMODO
                  2008-01-01 23:42 . 2008-01-01 23:42 <DIR> d-------- C:\Documents and Settings\Cees\Application Data\Comodo
                  2008-01-01 23:42 . 2008-01-01 23:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\comodo
                  2008-01-01 23:42 . 2008-01-01 23:42 139,008 --a------ C:\WINDOWS\system32\guard32.dll.vir
                  2008-01-01 23:42 . 2008-01-01 23:42 81,272 --a------ C:\WINDOWS\system32\drivers\cmdGuard.sys
                  2008-01-01 23:42 . 2008-01-01 23:42 23,672 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
                  2007-12-30 13:38 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
                  2007-12-28 17:25 . 2007-12-28 17:25 54,156 --ah----- C:\WINDOWS\QTFont.qfn
                  2007-12-28 17:25 . 2007-12-28 17:25 1,409 --a------ C:\WINDOWS\QTFont.for
                  2007-12-22 19:38 . 2007-12-22 19:38 <DIR> d-------- C:\Program Files\Trend Micro
                  2007-12-22 19:03 . 2007-12-22 19:03 <DIR> d-------- C:\RVAXO
                  2007-12-22 19:01 . 2007-12-19 10:10 548,827 --a------ C:\WINDOWS\system32\RVAXO.bat
                  2007-12-22 19:01 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\system32\remove.exe
                  2007-12-13 20:35 . 2007-12-13 20:35 <DIR> d-------- C:\Program Files\LinkedIn
                  2007-12-07 01:31 . 2007-12-07 01:31 <DIR> d-------- C:\Documents and Settings\Cees\Stellarium
                  2007-12-06 13:21 . 2007-12-06 13:21 <DIR> d-------- C:\Program Files\jv16 PowerTools 2007
                  2007-12-06 13:21 . 2007-12-06 13:21 23 --a------ C:\WINDOWS\system32\fcaaedcead_r.ocx
                  2007-12-06 13:21 . 2007-12-06 13:21 23 --ahs---- C:\WINDOWS\system32\ecdcdde_r.dll
                  2007-12-05 08:14 . 2007-12-05 08:14 <DIR> d-------- C:\Documents and Settings\Cees\Application Data\Uniblue
                  2007-12-04 01:29 . 2007-12-04 01:29 <DIR> d-------- C:\Program Files\ToniArts

                  .
                  (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
                  2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
                  2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
                  2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
                  2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
                  2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
                  2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
                  2007-12-03 16:16 --------- d-----w C:\Program Files\Startup Manager
                  2007-12-03 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Startup Manager
                  2007-12-03 15:27 --------- d-----w C:\Program Files\Xecutor
                  2007-12-03 15:06 --------- d-----w C:\Program Files\Ss-Tools
                  2007-12-03 13:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared
                  2007-12-02 23:04 --------- d-----w C:\Program Files\IDrive
                  2007-11-30 15:44 --------- d-----w C:\Program Files\Windows Live Favorites
                  2007-11-30 14:46 737,280 ----a-w C:\WINDOWS\system32\IDriveEService.dll
                  2007-11-28 18:17 --------- d-----w C:\Program Files\JAlbum
                  2007-11-28 18:13 --------- d-----w C:\Program Files\Common Files\Java
                  2007-11-21 09:13 --------- d-----w C:\Program Files\PCSleek
                  2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
                  2007-11-05 13:22 --------- d-----w C:\Program Files\Scriptocean
                  2007-11-05 12:49 --------- d-----w C:\Program Files\AnfyTeam
                  2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
                  2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
                  2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
                  2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
                  2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
                  2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
                  2007-10-10 23:56 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
                  2007-10-10 23:56 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
                  2007-10-10 23:56 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
                  2007-10-10 23:56 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
                  2007-10-10 23:56 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
                  2007-10-10 23:56 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
                  2007-10-10 23:55 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
                  2007-10-10 23:55 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
                  2007-10-10 23:55 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
                  2007-10-10 23:55 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
                  2007-10-10 23:55 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
                  2007-10-10 23:55 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
                  2007-10-10 23:55 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
                  2007-10-10 23:55 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
                  2007-10-10 23:55 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
                  2007-10-10 23:55 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
                  2007-10-10 23:55 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
                  2007-10-10 23:55 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
                  2007-10-10 23:55 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
                  2007-10-10 23:55 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
                  2007-10-10 23:55 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
                  2007-10-10 23:55 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
                  2007-10-10 10:59 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
                  2007-10-10 10:59 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
                  2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
                  2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
                  2007-06-14 01:10 115 ----a-w C:\Documents and Settings\Cees\runThunderbird.bat
                  2007-03-11 21:42 262 ----a-w C:\Documents and Settings\Cees\todolist.bak1
                  2006-05-30 15:36 21,376 ----a-w C:\WINDOWS\inf\hopperp.sys
                  2001-05-24 11:59 162,304 ----a-w C:\Program Files\UNWISE.EXE
                  2004-08-10 03:00 94,784 --sh--w C:\WINDOWS\twain.dll
                  2004-08-10 03:00 50,688 --sh--w C:\WINDOWS\twain_32.dll
                  2004-08-10 03:00 343,040 --sh--w C:\WINDOWS\system32\msvcrt.dll
                  2004-08-10 03:00 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll
                  2004-08-10 03:00 11,776 --sh--w C:\WINDOWS\system32\regsvr32.exe
                  2004-08-10 03:00 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll
                  2004-08-10 03:00 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll
                  2004-08-10 03:00 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll
                  2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
                  2007-03-08 14:45 3,140 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
                  2007-03-08 14:43 8 --sh--r C:\WINDOWS\system32\716009E1A3.sys
                  2007-05-17 12:28 549,376 --sh--w C:\WINDOWS\system32\oleaut32.dll
                  .

                  ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  *Note* empty entries & legit default entries are not shown
                  REGEDIT4

                  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7ACBC613-4EE3-417E-899E-185065A22907}]
                  C:\PROGRA~1\QUICKN~1\MYSPAC~1.DLL

                  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7d24e3e5-c350-4f9f-a5ce-bda28932d5e4}]
                  2007-12-18 16:11 1502232 --a------ C:\Program Files\VidzSeek\tbVid1.dll

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
                  {EF99BD32-C1FB-11D2-892F-0090271D4F88}
                  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
                  {B13721C7-F507-4982-B2E5-502A71474FED}
                  {724D43A0-0D85-11D4-9908-00400523E39A}
                  {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF}
                  {7D24E3E5-C350-4F9F-A5CE-BDA28932D5E4}
                  {D0943516-5076-4020-A3B5-AEFAF26AB263}
                  {2318C2B1-4965-11D4-9B18-009027A5CD4F}
                  {F2E259E8-0FC8-438C-A6E0-342DD80FA53E}

                  [HKEY_CLASSES_ROOT\clsid\{7d24e3e5-c350-4f9f-a5ce-bda28932d5e4}]

                  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
                  "{7D24E3E5-C350-4F9F-A5CE-BDA28932D5E4}"= C:\Program Files\VidzSeek\tbVid1.dll [2007-12-18 16:11 1502232]

                  [HKEY_CLASSES_ROOT\clsid\{7d24e3e5-c350-4f9f-a5ce-bda28932d5e4}]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\xdrive.LinkedFolder]
                  @={5D64CBA3-BDEC-427C-8A7F-8CB7C9EA7C74}

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\xdrive.LinkedSharedFolder]
                  @={7C541B8D-BD5A-4687-9010-50E2B5D4A8E4}

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\xdrive.SharedFolder]
                  @={39C2972F-3338-471B-8D67-FA82E46E3AC2}

                  [HKEY_CLASSES_ROOT\CLSID\{5D64CBA3-BDEC-427C-8A7F-8CB7C9EA7C74}]
                  2007-09-10 16:28 77824 --a------ C:\Program Files\Xdrive\Xdrive Desktop\Overlay.dll

                  [HKEY_CLASSES_ROOT\CLSID\{7C541B8D-BD5A-4687-9010-50E2B5D4A8E4}]
                  2007-09-10 16:28 77824 --a------ C:\Program Files\Xdrive\Xdrive Desktop\Overlay.dll

                  [HKEY_CLASSES_ROOT\CLSID\{39C2972F-3338-471B-8D67-FA82E46E3AC2}]
                  2007-09-10 16:28 77824 --a------ C:\Program Files\Xdrive\Xdrive Desktop\Overlay.dll

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00 15360]
                  "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-26 19:48 7561216]
                  "SMSERIAL"="sm56hlpr.exe" [2006-01-19 21:34 544768 C:\WINDOWS\sm56hlpr.exe]
                  "RTHDCPL"="RTHDCPL.EXE" [2005-12-18 23:52 15797248 C:\WINDOWS\RTHDCPL.exe]
                  "Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 17:09 987136]
                  "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 23:26 761945]
                  "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-06 17:13 86016]
                  "Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2005-06-15 15:50 1623040]
                  "MsmqIntCert"="regsvr32 /s mqrt.dll"
                  "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
                  "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40 155648]
                  "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-04-06 16:54 1398272]
                  "Run StartupMonitor"="StartupMonitor.exe" [2000-05-20 17:23 86016 C:\WINDOWS\StartupMonitor.exe]
                  "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-26 19:48 86016]
                  "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-04-17 02:24 110592]
                  "Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 09:11 57344]
                  "googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 23:22 3739648]
                  "Flashget"="C:\Program Files\FlashGet\flashget.exe" [2007-06-29 13:44 1990704]
                  "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
                  "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-01-01 23:42 1481472]

                  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                  "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 04:00 15360]

                  C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
                  ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe [2007-01-06 21:54:47]
                  Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 11:11:42]
                  Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
                  Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

                  [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
                  "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
                  C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2007-04-28 18:27 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
                  "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cingular Communication Manager]
                  C:\Program Files\Cingular\Communication Manager\CingularCCM.exe -a

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
                  2006-04-20 18:10 50792 --a------ C:\Program Files\Common Files\AOL\1169232947\ee\AOLSoftware.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager]
                  2005-02-26 01:28 212992 --a------ C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
                  C:\Program Files\QuickTime\qttask.exe -atboottime

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XdriveTrayIcon]
                  2007-09-10 16:29 253952 --a------ C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe

                  R0 AmdAcpi;AmdAcpi Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\AmdAcpi.sys [2005-02-14 11:54]
                  R1 amdtools;AMD Special Tools Driver;C:\WINDOWS\system32\DRIVERS\amdtools.sys [2005-05-06 10:12]
                  R1 atm;NettGain 1200 ATM;C:\WINDOWS\system32\drivers\atm.sys [2006-01-04 00:15]
                  R1 BUFADPT;BUFADPT;C:\WINDOWS\system32\BUFADPT.SYS [2005-07-06 13:52]
                  R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-01-01 23:42]
                  R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-01-01 23:42]
                  R1 myWIFIzone;myWIFIzone Driver;C:\WINDOWS\system32\DRIVERS\myWIFIzone.sys [2005-12-22 22:45]
                  R1 tcpipBM;Bytemobile Kernel Network Provider;C:\WINDOWS\system32\drivers\tcpipBM.sys [2006-07-25 14:54]
                  R1 TSKNF700.SYS;TSKNF700.SYS;C:\WINDOWS\system32\Drivers\TSKNF700.SYS [2006-10-24 15:29]
                  R1 TSM;TSM Driver - Layered Version;C:\WINDOWS\system32\drivers\tsm.sys [2006-01-04 00:15]
                  R2 Apache2.2;Apache2.2;"D:\Websites\xampp\apache\bin\apache.exe" [2007-03-05 11:23]
                  R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe [2007-07-05 11:56]
                  R2 IDriveE Service;IDriveE Service;"C:\Program Files\IDrive\IDriveE Service.exe" [2007-11-30 15:49]
                  R2 NDISProtILN;Interlink Networks Wireless IO Driver;C:\WINDOWS\system32\DRIVERS\ndisprotiln.sys [2007-04-24 17:25]
                  R2 StudioPro;StudioPro webcam;C:\WINDOWS\system32\DRIVERS\StudioPro.sys [2006-12-03 22:09]
                  R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]
                  R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2007-03-22 14:17]
                  R3 msloop;Microsoft Loopback Adapter Driver;C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 13:53]
                  R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-06 14:49]
                  R3 RimSerPort;RIM Virtual Serial Port;C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2005-08-16 13:02]
                  R3 swivsp;AC8xx Virtual Serial Port;C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2006-10-12 10:49]
                  R3 SynMini;USB2.0 1.3M Web Cam;C:\WINDOWS\system32\Drivers\SynMini.sys [2005-10-03 10:26]
                  R3 SynScan;USB2.0 1.3M Web Cam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2005-10-03 10:26]
                  S3 cpuz126;cpuz126;C:\Program Files\PC Wizard 2007\pcwiz32.sys [2006-12-14 14:00]
                  S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\NSNDIS5.SYS [2004-03-24 03:12]
                  S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\PCTINDIS5.SYS [2006-10-30 15:47]
                  S3 TSClient;Tatara Protocol Driver;C:\WINDOWS\system32\drivers\tsclient.sys [2006-05-05 14:35]
                  S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 23:01]
                  S3 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" [2007-01-09 23:17]
                  S3 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe [2006-10-22 04:30]

                  .
                  Contents of the 'Scheduled Tasks' folder
                  "2007-11-03 09:55:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
                  - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
                  "2007-12-29 23:27:02 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job"
                  - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
                  "2007-12-05 07:14:06 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
                  - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
                  "2007-12-05 07:14:08 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
                  - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
                  "2008-01-04 12:50:02 C:\WINDOWS\Tasks\User_Feed_Synchronization-{C8680EC1-65D4-4350-B99A-8A6954CDCC68}.job"
                  - C:\WINDOWS\system32\msfeedssync.exe
                  .
                  **************************************************************************

                  catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2008-01-04 13:46:03
                  Windows 5.1.2600 Service Pack 2 FAT NTAPI

                  scanning hidden processes ...

                  scanning hidden autostart entries ...

                  scanning hidden files ...

                  scan completed successfully
                  hidden files: 0

                  **************************************************************************
                  .
                  --------------------- DLLs Loaded Under Running Processes ---------------------

                  PROCESS: C:\WINDOWS\system32\winlogon.exe
                  -> C:\WINDOWS\system32\guard32.dll

                  PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
                  -> C:\WINDOWS\system32\guard32.dll

                  PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
                  -> C:\WINDOWS\system32\guard32.dll
                  .
                  Completion time: 2008-01-04 13:50:29 - machine was rebooted
                  ComboFix-quarantined-files.txt 2008-01-04 12:50:26
                  .
                  2007-12-13 13:36:38 --- E O F ---


                  ___________________________________________________________


                  The HijackThis log:

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 2:54:11 PM, on 04-01-2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16574)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\Ahead\InCD\InCDsrv.exe
                  C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                  C:\Program Files\Alwil Software\Avast4\ashServ.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\WINDOWS\system32\spoolsv.exe
                  D:\Websites\xampp\apache\bin\apache.exe
                  C:\WINDOWS\system32\ASWLSVC.exe
                  C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                  C:\WINDOWS\system32\bmwebcfg.exe
                  C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
                  C:\WINDOWS\sm56hlpr.exe
                  C:\WINDOWS\RTHDCPL.EXE
                  C:\Program Files\COMODO\Firewall\cmdagent.exe
                  C:\Program Files\Wireless Console 2\wcourier.exe
                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
                  C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
                  C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                  C:\Program Files\Ahead\InCD\InCD.exe
                  C:\WINDOWS\StartupMonitor.exe
                  C:\WINDOWS\ATK0100\HControl.exe
                  C:\WINDOWS\eHome\ehRecvr.exe
                  C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                  C:\Program Files\Google\Google Talk\googletalk.exe
                  C:\Program Files\FlashGet\flashget.exe
                  C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                  C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
                  C:\Program Files\COMODO\Firewall\cfp.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Program Files\MSN Messenger\msnmsgr.exe
                  C:\WINDOWS\eHome\ehSched.exe
                  C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
                  C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
                  C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
                  C:\Program Files\IDrive\IDriveE Service.exe
                  C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                  C:\WINDOWS\system32\MNSFramework.exe
                  C:\WINDOWS\system32\nvsvc32.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\Program Files\Viewpoint\Common\ViewpointService.exe
                  C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
                  D:\Websites\xampp\apache\bin\apache.exe
                  C:\WINDOWS\system32\mqsvc.exe
                  C:\WINDOWS\system32\mqtgsvc.exe
                  C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                  C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                  C:\WINDOWS\system32\dllhost.exe
                  C:\WINDOWS\ATK0100\ATKOSD.exe
                  C:\WINDOWS\system32\notepad.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
                  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
                  R3 - URLSearchHook: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                  O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                  O2 - BHO: BHO_BlockHTTP Class - {1F023FFF-B052-489C-A6B4-3D8DECBFCAD6} - C:\Program Files\TELUS Mobility\Connection Manager\BlockHTTP.dll
                  O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                  O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
                  O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
                  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                  O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O2 - BHO: TBSB07235 - {7ACBC613-4EE3-417E-899E-185065A22907} - C:\PROGRA~1\QUICKN~1\MYSPAC~1.DLL (file missing)
                  O2 - BHO: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                  O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
                  O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
                  O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
                  O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
                  O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                  O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
                  O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\skype_toolbar.dll
                  O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
                  O3 - Toolbar: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                  O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                  O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
                  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                  O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
                  O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                  O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
                  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
                  O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
                  O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
                  O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                  O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
                  O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
                  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
                  O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
                  O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                  O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
                  O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                  O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
                  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
                  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
                  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
                  O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
                  O4 - Global Startup: Bluetooth Manager.lnk = ?
                  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                  O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                  O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
                  O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
                  O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
                  O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
                  O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
                  O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
                  O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
                  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                  O8 - Extra context menu item: Note this (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu1.html
                  O8 - Extra context menu item: Note this item (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu2.html
                  O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
                  O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
                  O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
                  O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                  O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                  O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
                  O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
                  O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
                  O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                  O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                  O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                  O9 - Extra 'Tools' menuitem: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                  O9 - Extra button: Movies Extractor Scout LITE - {D1EF084D-C97F-49C2-BFFB-D77A61A27761} - C:\Program Files\Movies Extractor Scout LITE\flashextract.exe
                  O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
                  O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
                  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
                  O9 - Extra 'Tools' menuitem: KeepV - Video Detector - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
                  O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
                  O9 - Extra 'Tools' menuitem: KeepV - Send Video - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
                  O9 - Extra button: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
                  O9 - Extra 'Tools' menuitem: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O10 - Unknown file in Winsock LSP: bmnet.dll
                  O10 - Unknown file in Winsock LSP: bmnet.dll
                  O10 - Unknown file in Winsock LSP: bmnet.dll
                  O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
                  O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
                  O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
                  O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
                  O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://81.205.150.70:10000/activex/AMC.cab
                  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
                  O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
                  O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
                  O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.92.176.201:9995/activex/AMC.cab
                  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\toolbars\Shared\Skype4ComAPI.dll
                  O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
                  O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
                  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
                  O23 - Service: Apache2.2 - Apache Software Foundation - D:\Websites\xampp\apache\bin\apache.exe
                  O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
                  O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                  O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
                  O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                  O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                  O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                  O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
                  O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
                  O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
                  O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: IDriveE Service - Pro Softnet Corporation - C:\Program Files\IDrive\IDriveE Service.exe
                  O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
                  O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
                  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                  O23 - Service: MNS Framework (MNSFramework) - Unknown owner - C:\WINDOWS\system32\MNSFramework.exe
                  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                  O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
                  O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
                  O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
                  O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
                  O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe

                  --
                  End of file - 19085 bytes
                  Last edited by ashley; 06-01-08, 14:47.



                  • #10
                    Go to Start - Run and type: ComboFix /u
                    Press Enter.

                    Delete all files in the folder c:\windows\prefetch
                    Cleaning up cookies and temporary internet files:
                    Close all open Internet Explorer windows.
                    Go to Start, click "Control Panel" and double-click "Internet Options".
                    The "Internet Properties" window will open.
                    Go to the "General" tab.
                    Under "Browsing history", click the "Delete" button.
                    A new window will open: Delete Browsing History.
                    At the bottom, click the "Delete all" button. In the window that now opens, tick "Also delete files and settings stored by add-ons".
                    Click Yes.
                    This deletes the temporary internet files, the cookies, the browsing history, the saved information you have entered in forms, and the saved passwords that are filled in automatically when you sign in to a website you have visited before.
                    If you would rather not delete these last 2 (form data and passwords), then do not click Delete all but only these:
                    - under Temporary Internet Files, click Delete files.
                    - under Cookies, click Delete cookies.
                    - under History, click Delete history.

                    Also block the indirect or third-party cookies:
                    On the Privacy tab, click the Advanced button.
                    Tick "Override automatic cookie handling".
                    Under First-party Cookies, make sure "Accept" is selected.
                    Under Third-party Cookies, choose "Block".
                    Click OK.
                    When this is done, close the "Internet Properties" window.

                    Cleaning up other temporary folders and emptying the Recycle Bin:
                    Close all open windows.
                    Go to Start, choose Run and type: cleanmgr
                    Then press OK and Disk Cleanup will start.
                    If you have multiple partitions, choose the partition on which Windows is installed.
                    Now let your system be scanned for files that can be deleted.
                    When the overview appears, make sure only the following items are ticked:
                    - Temporary Internet Files (if you have not already done this via the procedure above)
                    - Recycle Bin
                    - Temporary files
                    Then click OK.

                    Download Dr.Web CureIt and place it on your desktop: cureit.exe.

                    Double-click cureit.exe, then click Start to let the program run a quick scan.
                    This quick scan will scan the files that are currently loaded in memory.
                    If anything is found, let CureIt repair it.
                    - If a window appears with an offer to buy at a 50% discount, close it with the X.
                    After that the main window will become visible.
                    - At the top, in the Options menu, choose Language and change it to Dutch (Nederlands) if it is set differently.
                    - In the Options menu, choose Change settings (F9).
                    On the "Scan" tab, remove the tick at Heuristic analysis.
                    Press Apply.
                    On the "File types" tab, Scan mode must be set to: All files.
                    On the "Actions" tab, set the following under Malware:
                    - Adware: Move
                    - Dialers: Move
                    - Jokes: Report
                    - Riskware: Report
                    - Hacktools: Move
                    Still on the "Actions" tab, set the following under Objects:
                    - Infected objects: Cure
                    - Incurable: Move
                    - Suspicious objects: Report
                    Then remove the tick at: Prompt on action.
                    Press Apply.
                    Then press OK.
                    Back in the main window you can select which scan you want to run.
                    - Select Complete scan
                    Click the green arrow on the right-hand side to start the scan.
                    If the infected files cannot be disinfected, they will be moved to the folder %userprofile%\DoctorWeb\Quarantine.
                    - When the scan is finished, choose Save report list from the File menu and save the log on your desktop.
                    - Then close Dr.Web CureIt.

                    Restart your computer.
                    You must definitely do this, because Dr.Web CureIt may move or delete files after a restart.

                    Once the computer has restarted, copy and paste the contents of the log you saved earlier on your desktop into your next post.
                    Also post a new HijackThis log.

                    Comment


                    • #11
                      Took a while. None of the original CureIt download sites are working at the moment. Found and used a slightly older version. It is version 4.4, but with a database that is 59 days old.

                      Dr.Web CureIt log:

                      RemoveWGA.exe;C:\Documents and Settings\Cees\Desktop\win\windows leg\win2;Tool.RemoveWGA;Verplaatst.;
                      winvnc4.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                      vncconfig.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                      wm_hooks.dll;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                      vncviewer.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                      Process.exe;C:\Program Files\InterlinkNetworks\LucidLinkClient\Bin;Tool.Prockill;Verplaatst.;
                      A0137254.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Tool.RemoveWGA;Verplaatst.;
                      A0137255.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Tool.Prockill;Verplaatst.;
                      RVAXO3;C:\Downloads\RVAXO;Tool.ShutDown.11;Verplaatst.;
                      pv.exe;D:\Websites\JSAS\http_root\home\admin\program;Program.PrcView.3725;;
                      pv.exe;D:\Websites\xampp\apache\bin;Program.PrcView.3725;;


                      -------------------------------------------------------
                      HijackThis log :

                      Logfile of Trend Micro HijackThis v2.0.2
                      Scan saved at 10:35:15 PM, on 05-01-2008
                      Platform: Windows XP SP2 (WinNT 5.01.2600)
                      MSIE: Internet Explorer v7.00 (7.00.6000.16574)
                      Boot mode: Normal

                      Running processes:
                      C:\WINDOWS\System32\smss.exe
                      C:\WINDOWS\system32\winlogon.exe
                      C:\WINDOWS\system32\services.exe
                      C:\WINDOWS\system32\lsass.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\Program Files\Ahead\InCD\InCDsrv.exe
                      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                      C:\Program Files\Alwil Software\Avast4\ashServ.exe
                      C:\WINDOWS\Explorer.EXE
                      C:\WINDOWS\system32\spoolsv.exe
                      C:\WINDOWS\sm56hlpr.exe
                      D:\Websites\xampp\apache\bin\apache.exe
                      C:\WINDOWS\RTHDCPL.EXE
                      C:\Program Files\Wireless Console 2\wcourier.exe
                      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                      C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
                      C:\WINDOWS\system32\ASWLSVC.exe
                      C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
                      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                      C:\Program Files\Ahead\InCD\InCD.exe
                      C:\WINDOWS\StartupMonitor.exe
                      C:\WINDOWS\ATK0100\HControl.exe
                      C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                      C:\WINDOWS\system32\bmwebcfg.exe
                      C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
                      C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
                      C:\Program Files\COMODO\Firewall\cmdagent.exe
                      C:\WINDOWS\eHome\ehRecvr.exe
                      C:\Program Files\Google\Google Talk\googletalk.exe
                      C:\WINDOWS\eHome\ehSched.exe
                      C:\Program Files\FlashGet\flashget.exe
                      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                      C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
                      C:\Program Files\IDrive\IDriveE Service.exe
                      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                      C:\Program Files\COMODO\Firewall\cfp.exe
                      C:\WINDOWS\system32\ctfmon.exe
                      C:\Program Files\MSN Messenger\msnmsgr.exe
                      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                      C:\WINDOWS\system32\MNSFramework.exe
                      C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
                      C:\WINDOWS\system32\nvsvc32.exe
                      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\Program Files\Viewpoint\Common\ViewpointService.exe
                      C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
                      C:\WINDOWS\system32\mqsvc.exe
                      C:\WINDOWS\system32\mqtgsvc.exe
                      D:\Websites\xampp\apache\bin\apache.exe
                      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                      C:\WINDOWS\system32\dllhost.exe
                      C:\WINDOWS\ATK0100\ATKOSD.exe
                      C:\Program Files\Mozilla Thunderbird\thunderbird.exe
                      C:\WINDOWS\system32\javaw.exe
                      C:\Program Files\FreePOPs\freepopsd.exe
                      C:\Program Files\Internet Explorer\IEXPLORE.EXE
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                      C:\PROGRA~1\WINIDA~1\WinIDAMS.exe
                      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
                      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
                      R3 - URLSearchHook: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                      O2 - BHO: BHO_BlockHTTP Class - {1F023FFF-B052-489C-A6B4-3D8DECBFCAD6} - C:\Program Files\TELUS Mobility\Connection Manager\BlockHTTP.dll
                      O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                      O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
                      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
                      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                      O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                      O2 - BHO: TBSB07235 - {7ACBC613-4EE3-417E-899E-185065A22907} - C:\PROGRA~1\QUICKN~1\MYSPAC~1.DLL (file missing)
                      O2 - BHO: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
                      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
                      O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
                      O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
                      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
                      O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\skype_toolbar.dll
                      O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
                      O3 - Toolbar: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                      O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
                      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                      O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
                      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                      O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
                      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                      O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
                      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                      O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
                      O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
                      O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
                      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                      O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
                      O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
                      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
                      O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
                      O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                      O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
                      O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
                      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                      O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
                      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
                      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
                      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
                      O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
                      O4 - Global Startup: Bluetooth Manager.lnk = ?
                      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                      O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                      O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
                      O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
                      O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
                      O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
                      O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
                      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
                      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
                      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                      O8 - Extra context menu item: Note this (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu1.html
                      O8 - Extra context menu item: Note this item (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu2.html
                      O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
                      O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
                      O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
                      O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
                      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                      O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                      O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                      O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
                      O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
                      O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
                      O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                      O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                      O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                      O9 - Extra 'Tools' menuitem: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                      O9 - Extra button: Movies Extractor Scout LITE - {D1EF084D-C97F-49C2-BFFB-D77A61A27761} - C:\Program Files\Movies Extractor Scout LITE\flashextract.exe
                      O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
                      O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
                      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                      O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
                      O9 - Extra 'Tools' menuitem: KeepV - Video Detector - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
                      O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
                      O9 - Extra 'Tools' menuitem: KeepV - Send Video - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
                      O9 - Extra button: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
                      O9 - Extra 'Tools' menuitem: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
                      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O10 - Unknown file in Winsock LSP: bmnet.dll
                      O10 - Unknown file in Winsock LSP: bmnet.dll
                      O10 - Unknown file in Winsock LSP: bmnet.dll
                      O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
                      O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
                      O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
                      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
                      O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://81.205.150.70:10000/activex/AMC.cab
                      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
                      O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
                      O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
                      O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.92.176.201:9995/activex/AMC.cab
                      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\toolbars\Shared\Skype4ComAPI.dll
                      O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
                      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
                      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
                      O23 - Service: Apache2.2 - Apache Software Foundation - D:\Websites\xampp\apache\bin\apache.exe
                      O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
                      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
                      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                      O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
                      O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
                      O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
                      O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
                      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                      O23 - Service: IDriveE Service - Pro Softnet Corporation - C:\Program Files\IDrive\IDriveE Service.exe
                      O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
                      O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
                      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                      O23 - Service: MNS Framework (MNSFramework) - Unknown owner - C:\WINDOWS\system32\MNSFramework.exe
                      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
                      O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
                      O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
                      O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
                      O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe

                      --
                      End of file - 19341 bytes

                      Comment
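An added example (not part of the thread and not Dr.Web's own tooling): a parser for the semicolon-separated CureIt report posted in #11 that separates files still on disk from quarantined ones, groups the renamed System Restore copies by detection name, and checks each outcome against the actions configured in #10. The column order and the mapping of detection-name prefixes to categories (`Program.` as riskware, `Tool.` as hacktools) are assumptions read off the posted log; "Verplaatst." is the report's Dutch for "moved".

```python
from collections import defaultdict
from dataclasses import dataclass

# Lines copied from the CureIt report in post #11 of this thread.
SAMPLE_REPORT = r"""
RemoveWGA.exe;C:\Documents and Settings\Cees\Desktop\win\windows leg\win2;Tool.RemoveWGA;Verplaatst.;
winvnc4.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
Process.exe;C:\Program Files\InterlinkNetworks\LucidLinkClient\Bin;Tool.Prockill;Verplaatst.;
A0137254.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Tool.RemoveWGA;Verplaatst.;
A0137255.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Tool.Prockill;Verplaatst.;
pv.exe;D:\Websites\xampp\apache\bin;Program.PrcView.3725;;
"""

# Action configured per category in post #10, keyed by detection-name prefix.
# Assumption: the prefix identifies the category as noted beside each entry.
EXPECTED = {
    "Adware": "move",
    "Dialer": "move",
    "Joke": "report",
    "Program": "report",  # riskware
    "Tool": "move",       # hacktools
}


@dataclass(frozen=True)
class Finding:
    name: str
    folder: str
    detection: str
    action: str

    @property
    def family(self) -> str:
        return self.detection.split(".", 1)[0]

    @property
    def in_restore_point(self) -> bool:
        return "\\system volume information\\_restore" in self.folder.lower()


def parse_report(text: str) -> list:
    """Parse 'name;folder;detection;action;' rows; other lines are skipped."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(";"):
            line = line[:-1]  # drop only the terminating separator
        parts = line.split(";")
        if len(parts) < 4:
            continue
        # A ';' inside the folder is tolerated: the last two fields are fixed.
        findings.append(Finding(parts[0], ";".join(parts[1:-2]), parts[-2], parts[-1]))
    return findings


def outcome(action: str) -> str:
    """Normalize the action column of the Dutch-language report."""
    if "Verplaatst" in action:
        return "move"      # moved to quarantine
    if not action.strip():
        return "report"    # listed only, file left in place
    return "other"


def triage(findings):
    """Return (still on disk, quarantined, restore-point copies by detection)."""
    still_present, quarantined = [], []
    restore_copies = defaultdict(list)
    for f in findings:
        if outcome(f.action) == "report":
            still_present.append(f)
        elif f.in_restore_point:
            # Restore points rename files, so the detection name is the only
            # link back to the original that was backed up.
            restore_copies[f.detection].append(f.name)
        else:
            quarantined.append(f)
    return still_present, quarantined, dict(restore_copies)


def policy_mismatches(findings):
    """Findings whose outcome differs from the action configured for them."""
    return [f for f in findings
            if EXPECTED.get(f.family) is not None
            and outcome(f.action) != EXPECTED[f.family]]


if __name__ == "__main__":
    still, moved, copies = triage(parse_report(SAMPLE_REPORT))
    for f in still:
        print("still on disk:", f.folder + "\\" + f.name, "(" + f.detection + ")")
    for f in moved:
        print("quarantined:  ", f.folder + "\\" + f.name, "(" + f.detection + ")")
    for det, names in copies.items():
        print("restore-point copies of", det + ":", ", ".join(names))
    print("policy mismatches:", len(policy_mismatches(parse_report(SAMPLE_REPORT))))
```

An empty action column matches the Report setting chosen for riskware, so those rows are files that were listed but left in place, not failed removals.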


                      • #12
                        It's best that you use the new version of CureIt after all.
                        The download link works (again).

                        Comment


                        • #13
                          The download does indeed work again!

                          Went through the entire procedure as recommended in #10 once more.
                          Here are the results:

                          ------------------------

                          CureIt log:

                          stream_file.exe;C:\Program Files\leplayer;Trojan.DownLoader.origin;Niet repareerbaar.Verplaatst.;
                          FindVideo.exe;C:\Program Files\leplayer;Trojan.DownLoader.origin;Niet repareerbaar.Verplaatst.;
                          CheckVideo.exe;C:\Program Files\leplayer;Trojan.DownLoader.origin;Niet repareerbaar.Verplaatst.;
                          winvnc4.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                          vncconfig.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                          wm_hooks.dll;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                          vncviewer.exe;C:\Program Files\RealVNC\VNC4;Program.RemoteAdmin;;
                          A0137586.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Trojan.DownLoader.origin;Niet repareerbaar.Verplaatst.;
                          A0137587.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Trojan.DownLoader.origin;Niet repareerbaar.Verplaatst.;
                          A0137588.exe;C:\System Volume Information\_restore{30D91EA6-2B27-4B6E-9FAE-AD18480FAE8B}\RP335;Trojan.DownLoader.origin;Niet repareerbaar.Verplaatst.;
                          pv.exe;D:\Websites\JSAS\http_root\home\admin\program;Program.PrcView.3725;;
                          pv.exe;D:\Websites\xampp\apache\bin;Program.PrcView.3725;;


                          __________________________________________________________

                          HijackThis log:

                          Logfile of Trend Micro HijackThis v2.0.2
                          Scan saved at 12:34:47 PM, on 06-01-2008
                          Platform: Windows XP SP2 (WinNT 5.01.2600)
                          MSIE: Internet Explorer v7.00 (7.00.6000.16574)
                          Boot mode: Normal

                          Running processes:
                          C:\WINDOWS\System32\smss.exe
                          C:\WINDOWS\system32\winlogon.exe
                          C:\WINDOWS\system32\services.exe
                          C:\WINDOWS\system32\lsass.exe
                          C:\WINDOWS\system32\svchost.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\Program Files\Ahead\InCD\InCDsrv.exe
                          C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                          C:\Program Files\Alwil Software\Avast4\ashServ.exe
                          C:\WINDOWS\Explorer.EXE
                          C:\WINDOWS\system32\spoolsv.exe
                          D:\Websites\xampp\apache\bin\apache.exe
                          C:\WINDOWS\sm56hlpr.exe
                          C:\WINDOWS\RTHDCPL.EXE
                          C:\Program Files\Wireless Console 2\wcourier.exe
                          C:\WINDOWS\system32\ASWLSVC.exe
                          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                          C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
                          C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                          C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
                          C:\WINDOWS\system32\bmwebcfg.exe
                          C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                          C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
                          C:\Program Files\Ahead\InCD\InCD.exe
                          C:\WINDOWS\StartupMonitor.exe
                          C:\Program Files\COMODO\Firewall\cmdagent.exe
                          C:\WINDOWS\ATK0100\HControl.exe
                          C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                          C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
                          C:\WINDOWS\eHome\ehRecvr.exe
                          C:\WINDOWS\eHome\ehSched.exe
                          C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
                          C:\Program Files\Google\Google Talk\googletalk.exe
                          C:\Program Files\FlashGet\flashget.exe
                          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                          C:\Program Files\IDrive\IDriveE Service.exe
                          C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                          C:\Program Files\COMODO\Firewall\cfp.exe
                          C:\WINDOWS\system32\ctfmon.exe
                          C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                          C:\Program Files\MSN Messenger\msnmsgr.exe
                          C:\WINDOWS\system32\MNSFramework.exe
                          C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
                          C:\WINDOWS\system32\svchost.exe
                          C:\Program Files\Viewpoint\Common\ViewpointService.exe
                          C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
                          C:\WINDOWS\system32\mqsvc.exe
                          C:\WINDOWS\system32\mqtgsvc.exe
                          D:\Websites\xampp\apache\bin\apache.exe
                          C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                          C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                          C:\WINDOWS\system32\dllhost.exe
                          C:\WINDOWS\ATK0100\ATKOSD.exe
                          C:\Program Files\Mozilla Thunderbird\thunderbird.exe
                          C:\Program Files\FreePOPs\freepopsd.exe
                          C:\WINDOWS\system32\javaw.exe
                          C:\Program Files\Internet Explorer\IEXPLORE.EXE
                          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                          C:\PROGRA~1\WINIDA~1\WinIDAMS.exe
                          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                          R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
                          R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
                          R3 - URLSearchHook: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                          O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                          O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                          O2 - BHO: IEToolbarBHO Class - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - C:\Program Files\LinkedIn\IE Toolbar\3.0.3.1100\LinkedinIEToolbar.dll
                          O2 - BHO: BHO_BlockHTTP Class - {1F023FFF-B052-489C-A6B4-3D8DECBFCAD6} - C:\Program Files\TELUS Mobility\Connection Manager\BlockHTTP.dll
                          O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                          O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
                          O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
                          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
                          O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                          O2 - BHO: TBSB07235 - {7ACBC613-4EE3-417E-899E-185065A22907} - C:\PROGRA~1\QUICKN~1\MYSPAC~1.DLL (file missing)
                          O2 - BHO: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                          O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
                          O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
                          O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
                          O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
                          O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                          O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
                          O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\skype_toolbar.dll
                          O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll
                          O3 - Toolbar: VidzSeek Toolbar - {7d24e3e5-c350-4f9f-a5ce-bda28932d5e4} - C:\Program Files\VidzSeek\tbVid1.dll
                          O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
                          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                          O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
                          O3 - Toolbar: LinkedIn Toolbar - {BB670D0B-5C46-40C7-B38B-40DD26987723} - C:\Program Files\LinkedIn\IE Toolbar\3.0.3.1100\LinkedinIEToolbar.dll
                          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                          O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
                          O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                          O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
                          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                          O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
                          O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
                          O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
                          O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                          O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
                          O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
                          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
                          O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
                          O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                          O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
                          O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
                          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                          O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
                          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                          O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
                          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
                          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
                          O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
                          O4 - Global Startup: Bluetooth Manager.lnk = ?
                          O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                          O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                          O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
                          O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
                          O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
                          O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
                          O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
                          O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
                          O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
                          O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                          O8 - Extra context menu item: Linked&In Search - res://C:\Program Files\LinkedIn\IE Toolbar\3.0.3.1100\LinkedinIEToolbar.dll/ContextMenu.htm
                          O8 - Extra context menu item: Note this (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu1.html
                          O8 - Extra context menu item: Note this item (Google Notebook) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19-242469674.dll/gn_menu2.html
                          O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
                          O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
                          O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
                          O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute Lite Edition\vrie.dll
                          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                          O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                          O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                          O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
                          O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
                          O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
                          O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
                          O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\AI RoboForm\RoboForm.dll
                          O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                          O9 - Extra 'Tools' menuitem: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL
                          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                          O9 - Extra button: Movies Extractor Scout LITE - {D1EF084D-C97F-49C2-BFFB-D77A61A27761} - C:\Program Files\Movies Extractor Scout LITE\flashextract.exe
                          O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
                          O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
                          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                          O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
                          O9 - Extra 'Tools' menuitem: KeepV - Video Detector - {f748b308-972c-4f94-9246-be2e1985c6f6} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe
                          O9 - Extra button: (no name) - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
                          O9 - Extra 'Tools' menuitem: KeepV - Send Video - {f748b308-972c-4f94-9246-be2e1985c6f7} - C:\Documents and Settings\Cees\Local Settings\Apps\2.0\ZL3C94VO.1E1\HQK8MWZ3.A9Q\keep..tion_6c174d367efa5404_0001.0000_528ceab7e52da640\KeepV.exe1 (file missing)
                          O9 - Extra button: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
                          O9 - Extra 'Tools' menuitem: LanWhoIs - {F96A9D15-8486-414D-9ACE-312197E3364F} - C:\PROGRA~1\LANTRI~1\LanWhoIs\lanwhois.htm
                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O10 - Unknown file in Winsock LSP: bmnet.dll
                          O10 - Unknown file in Winsock LSP: bmnet.dll
                          O10 - Unknown file in Winsock LSP: bmnet.dll
                          O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
                          O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
                          O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
                          O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
                          O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://81.205.150.70:10000/activex/AMC.cab
                          O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
                          O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
                          O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
                          O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.92.176.201:9995/activex/AMC.cab
                          O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\toolbars\Shared\Skype4ComAPI.dll
                          O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
                          O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
                          O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
                          O23 - Service: Apache2.2 - Apache Software Foundation - D:\Websites\xampp\apache\bin\apache.exe
                          O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
                          O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
                          O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
                          O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
                          O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
                          O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                          O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
                          O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
                          O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
                          O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Alexion Software\Relation Manager\data\firebird\bin\fbserver.exe
                          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                          O23 - Service: IDriveE Service - Pro Softnet Corporation - C:\Program Files\IDrive\IDriveE Service.exe
                          O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
                          O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
                          O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
                          O23 - Service: MNS Framework (MNSFramework) - Unknown owner - C:\WINDOWS\system32\MNSFramework.exe
                          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                          O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
                          O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
                          O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
                          O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
                          O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe

                          --
                          End of file - 19738 bytes



                          • #14
                            Are there any remaining problems?



                            • #15
                              Dear Marckie,

                              I have not noticed any problems during startup so far.
                              IE did, however, just stop spontaneously again. I say "spontaneously" because I saw the message on the screen "that IE is being terminated" while I was away myself. So it was not in response to an action of mine (e.g. browsing), but apparently the result of 'something' that runs in the background even without any input from me and affects the idle IE.

                              Afterwards I can start IE again and work normally.
                              By the way, I have IE 7.0.5730.11 (English version).
