Wil je je logfile voortaan niet meer tussen de kleur codes zetten, hij is erg moeilijk leesbaar zo, b.v.d.

Start Hijackthis, kies voor 'Do a system scan only' en vink onderstaande regels aan:

r3 - urlsearchhook: sweetim for internet explorer - {bc4ffe41-de9f-46fa-b455-aad49b9f9938} - c:\program files\macrogaming\sweetimbarforie\toolbar.dll (file missing)
o2 - bho: sweetie - {1a0aadcd-3a72-4b5f-900f-e3bb5a838e2a} - c:\progra~1\macrog~1\sweeti~1\toolbar.dll (file missing)
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o3 - toolbar: sweetim for internet explorer - {bc4ffe41-de9f-46fa-b455-aad49b9f9938} - c:\program files\macrogaming\sweetimbarforie\toolbar.dll (file missing)
o4 - hklm\..\run: [devenv] c:\windows\system\smvss.exe /w
o4 - hklm\..\run: [msconfig] c:\windows\pchealth\helpctr\binaries\msconfig.exe /auto
o9 - extra button: (no name) - {2d663d1a-8670-49d9-a1a5-4c56b4e14e84} - (no file)

Sluit nu alle openstaande vensters, behalve Hijackthis en klik op Fix Checked.

Download Combofix naar je bureaublad

Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

Dubbelklik op combofix.exe
Kies voor "Continue" door 1 te typen gevolgd door ENTER.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
Plaats in je volgende antwoord het logje van combofix (combofix.txt) tesamen met een vers Hijackthis log.

alleereerst dankjewel voor je hulp.

Ik heb gedaan wat je vroeg.
na de herstart verscheen er een pop up over een missing .dll

ik heb er een printscreen van gemaakt zie bijlage.


\((groter plaatje)in de volgende reply))

hier volgen de logs van combofix en hijackthis

ComboFix 08-02-18.1 - Ron Meurs 2008-02-18 0:17:44.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.588 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\Ron Meurs\Bureaublad\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\UpMedia
F:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\nm


(((((((((((((((((((( Bestanden Gemaakt van 2008-01-17 to 2008-02-17 ))))))))))))))))))))))))))))))
.

2008-02-14 20:39 . 2008-02-14 20:39 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-14 18:17 . 2008-02-14 18:02 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-14 18:17 . 2008-02-14 18:17 3,456 --a------ C:\WINDOWS\unins000.dat
2008-02-14 18:06 . 2008-02-14 18:06 <DIR> d-------- C:\Documents and Settings\Ron Meurs\Application Data\Lavasoft
2008-02-14 17:02 . 2008-02-14 17:02 <DIR> d-------- C:\Documents and Settings\Ron Meurs\Application Data\ScanSoft
2008-02-14 16:35 . 2008-02-14 16:35 23 --a------ C:\WINDOWS\BO9420CN.INI
2008-02-14 16:10 . 2001-09-06 20:47 6,912 --a------ C:\WINDOWS\system32\drivers\serscan.sys
2008-02-14 16:10 . 2001-09-06 20:47 6,912 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
2008-02-14 16:10 . 2008-02-14 16:10 227 --a------ C:\WINDOWS\Brpfx04a.ini
2008-02-14 16:10 . 2008-02-14 16:10 92 --a------ C:\WINDOWS\brpcfx.ini
2008-02-14 16:10 . 2008-02-14 16:11 65 --a------ C:\WINDOWS\system32\bd9420cn.dat
2008-02-14 16:09 . 2005-06-09 13:21 1,149,952 --a------ C:\WINDOWS\system32\BrWia05b.dll
2008-02-14 16:09 . 2005-04-08 15:48 163,840 --a------ C:\WINDOWS\system32\NSSearch.dll
2008-02-14 16:09 . 2005-05-12 01:01 122,880 --a------ C:\WINDOWS\system32\BrfxD05a.dll
2008-02-14 16:09 . 2002-11-26 13:43 106,496 --a------ C:\WINDOWS\system32\BrMuSNMP.dll
2008-02-14 16:09 . 2005-04-14 16:46 53,248 --a------ C:\WINDOWS\system32\BrNetSti.dll
2008-02-14 16:09 . 2005-02-10 17:52 34,816 --a------ C:\WINDOWS\system32\BrWiaNCp.dll
2008-02-14 16:09 . 2005-06-15 13:12 31,744 --a------ C:\WINDOWS\system32\Brnsplg.dll
2008-02-14 16:09 . 2003-11-28 18:57 0 --a------ C:\WINDOWS\brdfxspd.dat
2008-02-14 16:06 . 2008-02-14 16:06 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-02-14 16:06 . 2003-09-24 11:37 27,134 --a------ C:\WINDOWS\maxlink.ini
2008-02-13 17:14 . 2008-02-13 17:32 <DIR> d-------- C:\UBCD4Win
2008-02-12 01:48 . 2008-02-12 11:18 13,030 --a------ C:\PDOXUSRS.NET
2008-02-11 23:48 . 2008-02-12 01:01 <DIR> d-------- C:\Program Files\Microloon2008
2008-02-11 23:48 . 2008-02-11 23:48 <DIR> d-------- C:\Program Files\Common Files\Borland Shared
2008-02-11 23:48 . 1999-06-21 05:10 183,808 --------- C:\WINDOWS\system32\BDEADMIN.CPL
2008-02-07 22:12 . 2008-02-07 22:12 <DIR> d-------- C:\Program Files\PrintServer Utilities
2008-02-07 22:12 . 2007-05-15 10:11 208,896 --a------ C:\WINDOWS\system32\Bot.dll
2008-02-07 22:12 . 2006-07-27 19:05 69,120 --a------ C:\WINDOWS\system32\psnt.dll
2008-02-07 22:12 . 2001-03-15 17:36 101 --a------ C:\WINDOWS\PSXLPR.INI
2008-02-07 21:21 . 2008-02-18 00:27 202 --a------ C:\WINDOWS\system32\PSLOG
2008-02-05 22:57 . 2008-02-05 22:58 <DIR> d-------- C:\Program Files\mp3DirectCut
2008-02-05 19:19 . 2008-02-05 19:19 <DIR> d-------- C:\Program Files\WAV to MP3 Encoder
2008-02-05 19:19 . 2001-12-12 10:35 348,160 --a------ C:\WINDOWS\system32\MEnc.ocx
2008-02-05 19:19 . 2002-08-22 22:27 348,160 --a------ C:\WINDOWS\system32\FlatBtn6.ocx
2008-02-05 19:01 . 2008-02-05 19:03 <DIR> d-------- C:\Program Files\Audacity
2008-02-05 18:48 . 2008-02-06 12:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-05 18:48 . 2008-02-05 18:48 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-31 16:14 . 2008-01-31 16:14 34,304 --a------ C:\WINDOWS\system\smvss.exe
2008-01-31 16:04 . 2008-01-31 16:04 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-01-31 16:04 . 2008-01-31 16:04 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-01-31 16:04 . 2008-01-31 16:04 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-01-30 18:25 . 2008-01-30 18:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Mijn documenten

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-14 23:20 --------- d-----w C:\Program Files\Kazaa Lite K++
2008-02-14 23:12 --------- d-----w C:\Program Files\Spyware Doctor
2008-02-14 23:01 --------- d-----w C:\Program Files\Hitman Pro
2008-02-14 18:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-14 17:24 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-14 17:06 --------- d-----w C:\Program Files\SpywareBlaster
2008-02-14 17:05 --------- d-----w C:\Program Files\Lavasoft
2008-02-14 17:03 74,240 ----a-w C:\WINDOWS\system32\drivers\iksyssec.sys
2008-02-14 17:03 56,832 ----a-w C:\WINDOWS\system32\drivers\iksysflt.sys
2008-02-14 15:50 --------- d-----w C:\Program Files\Eset
2008-02-14 15:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-14 15:09 --------- d-----w C:\Program Files\Brother
2008-02-14 15:06 --------- d-----w C:\Program Files\ScanSoft
2008-02-14 15:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-02-13 16:28 --------- d-----w C:\Program Files\RealVNC
2008-02-06 09:59 --------- d-----w C:\Program Files\ShotOnline International
2008-01-31 16:53 --------- d-----w C:\Program Files\eMule
2008-01-30 16:49 --------- d-----w C:\Program Files\JukeItUp Ecstasy Edition
2008-01-16 11:09 77,712 -c--a-w C:\Documents and Settings\Ron Meurs\Application Data\GDIPFONTCACHEV1.DAT
2008-01-15 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-10 17:46 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-01-10 17:46 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\SystemRequirementsLab
2008-01-10 16:38 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\InstallShield Installation Information
2008-01-10 16:21 --------- d-----w C:\Program Files\Unreal Tournament 3
2008-01-10 16:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 16:20 --------- d-----w C:\Program Files\AGEIA Technologies
2008-01-04 14:27 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-04 14:22 --------- d-----w C:\Program Files\LimewirePlus
2008-01-04 13:54 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\uTorrent
2008-01-04 10:01 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-28 20:49 --------- d-----w C:\Program Files\BitDownload
2007-12-28 20:49 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\BitDownload(2)
2007-12-28 20:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-17 12:29 --------- d-----w C:\Program Files\Vialabel
2007-11-22 13:01 164 ----a-w C:\install.dat
2007-11-21 14:19 230,432 ----a-w C:\StiImg.dat
2007-11-18 18:28 6,787,081 ----a-w C:\Documents and Settings\Ron Meurs\CC2update.exe
2007-03-22 21:48 20 -c-h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2001-02-28 12:14 476,576 -c--a-w C:\Documents and Settings\Ron Meurs\SETUP.EXE
2000-06-21 16:46 1,499,904 -c--a-w C:\Documents and Settings\Ron Meurs\INSTMSIW.EXE
2000-06-21 16:46 1,489,152 -c--a-w C:\Documents and Settings\Ron Meurs\INSTMSI.EXE
2001-09-07 12:00 94,784 -csh--w C:\WINDOWS\twain.dll
2004-08-03 23:03 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-03 23:03 54,784 -csh--w C:\WINDOWS\system32\msvcirt.dll
2004-08-03 23:03 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03 15360]
"lycosInside"="C:\Program Files\lycos\Lyc_SysTray.exe" [2006-02-11 00:45 332840]
"msnmsgr"="~C:\PROGRA~1\MSNMES~1\msnmsgr.exe" [ ]
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [2004-09-10 03:16 53248]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [ ]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 22:53 204288]
"LDM"="\Program\" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-07-22 21:36 933888]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-01-31 16:04 949376]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 12:40 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 12:53 40960]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03 15360]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 17:15 1634304]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 02:17 443968]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-02-20 12:41:13 110592]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-02-19 13:15:34 450560]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Statusvenster.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-01-04 11:01:57 802816]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files\BitTorrent\bittorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2007-10-31 10:19 378784 C:\Program Files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"winvnc"=2 (0x2)

R2 ACEDRV06;ACEDRV06;C:\WINDOWS\system32\drivers\ACEDRV06.sys [2007-03-19 19:40]
R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-12-28 23:43]
R3 PAC207;Trust WB-1400T Webcam;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 12:29]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##Rockinronnie#OPS LAG (F)]
\Shell\AutoRun\command - Z:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf0b5239-23f0-11db-8906-000461845014}]
\Shell\AutoRun\command - G:\loader.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{feaafb72-928b-11dc-8a40-000461845014}]
\Shell\AutoRun\command - H:\InstallTomTomHOME.exe

.
Inhoud van de 'Gedeelde Taken' map
"2008-02-29 10:00:19 C:\WINDOWS\Tasks\User_Feed_Synchronization-{5CA99DB3-E76A-430B-B31C-53C5A835BE72}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 00:28:31
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background?s?n

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Eset\pr_imon.dll

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Eset\pr_imon.dll
-> C:\Program Files\WS_FTP Pro\nsftpch.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Voltooingstijd: 2008-02-18 0:31:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-17 23:31:11
.
2008-02-14 23:14:56 --- E O F ---


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:35:15, on 18-2-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\lycos\Lyc_SysTray.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [lycosInside] C:\Program Files\lycos\Lyc_SysTray.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.informatique.nl
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DE97F86F-9A52-4F50-9736-889DCAF297C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 18963 bytes

Hier even een groter jpeg file van de foutmlding

Dat DLL bestand behoort tot je Nokia software, gebruik je deze nog?
Anders kan je het DLL bestandje hier downloaden.

Verder zie ik geen rare dingen meer in je logfile staan.
Zijn er nog problemen?

nee ik had geen problemen meer na de eerste opstart

alleen een popup en die is verholpen.

Maar ze zeiden dat ik een virus of een worm had smvss.exe ofzo??
of had je dat al verholpen??

in elk geval
enorm bedankt voor de hulp.
en dat er heel vaak die regel 018 in het log staat is ook niet erg?

nou ja geen problemen is een groot woord....

ik probberde net in mijn mail op diverse links te drukken maar het enige wat gebeurde is een groot wit scvherm van de browser en verder niets.

als ik gewoon de browser opstart via et programma werkt ie wel.

hoe kan dat nou ineens???

Hmm goed dat je het zegt, ik had deze over het hoofd gezien. ops:
Die 018 regels zijn van Logitech Desktop Manager en opzich niet schadelijk.
In jou geval heeft deze de 'hik' gekregen, je kan hem verwijderen via configuratiescherm --> software.


Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:

File::
C:\WINDOWS\system\smvss.exe

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]


Sla dit op op je Bureaublad als CFScript.txt

Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



Dit zal ComboFix doen herstarten.
Start opnieuw op als daarom gevraagd wordt,
en post de inhoud van de Combofix.txt in je volgende antwoord.

Problemen over?

Hoi Pimmert,

ik heb het combofixje weer gedaab zoals je schreef.
Na het runnen van combofix kreeg ik weer deze melding .

http://www.nucia.eu/forum/attachment.php?attachmentid=3290&d=1203292012

hier volgt de log van combofix

ComboFix 08-02-18.1 - Ron Meurs 2008-02-20 11:17:38.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.590 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\Ron Meurs\Bureaublad\ComboFix.exe
Command switches used :: C:\Documents and Settings\Ron Meurs\Bureaublad\CFScript.txt
* Nieuw herstelpunt werd aangemaakt

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

FILE ::
C:\WINDOWS\system\smvss.exe
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system\smvss.exe

.
(((((((((((((((((((( Bestanden Gemaakt van 2008-01-20 to 2008-02-20 ))))))))))))))))))))))))))))))
.

2008-02-14 20:39 . 2008-02-14 20:39 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-14 18:17 . 2008-02-14 18:02 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-14 18:17 . 2008-02-14 18:17 3,456 --a------ C:\WINDOWS\unins000.dat
2008-02-14 18:06 . 2008-02-14 18:06 <DIR> d-------- C:\Documents and Settings\Ron Meurs\Application Data\Lavasoft
2008-02-14 17:02 . 2008-02-14 17:02 <DIR> d-------- C:\Documents and Settings\Ron Meurs\Application Data\ScanSoft
2008-02-14 16:35 . 2008-02-14 16:35 23 --a------ C:\WINDOWS\BO9420CN.INI
2008-02-14 16:10 . 2001-09-06 20:47 6,912 --a------ C:\WINDOWS\system32\drivers\serscan.sys
2008-02-14 16:10 . 2001-09-06 20:47 6,912 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
2008-02-14 16:10 . 2008-02-14 16:10 227 --a------ C:\WINDOWS\Brpfx04a.ini
2008-02-14 16:10 . 2008-02-14 16:10 92 --a------ C:\WINDOWS\brpcfx.ini
2008-02-14 16:10 . 2008-02-14 16:11 65 --a------ C:\WINDOWS\system32\bd9420cn.dat
2008-02-14 16:09 . 2005-06-09 13:21 1,149,952 --a------ C:\WINDOWS\system32\BrWia05b.dll
2008-02-14 16:09 . 2005-04-08 15:48 163,840 --a------ C:\WINDOWS\system32\NSSearch.dll
2008-02-14 16:09 . 2005-05-12 01:01 122,880 --a------ C:\WINDOWS\system32\BrfxD05a.dll
2008-02-14 16:09 . 2002-11-26 13:43 106,496 --a------ C:\WINDOWS\system32\BrMuSNMP.dll
2008-02-14 16:09 . 2005-04-14 16:46 53,248 --a------ C:\WINDOWS\system32\BrNetSti.dll
2008-02-14 16:09 . 2005-02-10 17:52 34,816 --a------ C:\WINDOWS\system32\BrWiaNCp.dll
2008-02-14 16:09 . 2005-06-15 13:12 31,744 --a------ C:\WINDOWS\system32\Brnsplg.dll
2008-02-14 16:09 . 2003-11-28 18:57 0 --a------ C:\WINDOWS\brdfxspd.dat
2008-02-14 16:06 . 2008-02-14 16:06 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-02-14 16:06 . 2003-09-24 11:37 27,134 --a------ C:\WINDOWS\maxlink.ini
2008-02-13 17:14 . 2008-02-13 17:32 <DIR> d-------- C:\UBCD4Win
2008-02-12 01:48 . 2008-02-12 11:18 13,030 --a------ C:\PDOXUSRS.NET
2008-02-11 23:48 . 2008-02-12 01:01 <DIR> d-------- C:\Program Files\Microloon2008
2008-02-11 23:48 . 2008-02-11 23:48 <DIR> d-------- C:\Program Files\Common Files\Borland Shared
2008-02-11 23:48 . 1999-06-21 05:10 183,808 --------- C:\WINDOWS\system32\BDEADMIN.CPL
2008-02-07 22:12 . 2008-02-07 22:12 <DIR> d-------- C:\Program Files\PrintServer Utilities
2008-02-07 22:12 . 2007-05-15 10:11 208,896 --a------ C:\WINDOWS\system32\Bot.dll
2008-02-07 22:12 . 2006-07-27 19:05 69,120 --a------ C:\WINDOWS\system32\psnt.dll
2008-02-07 22:12 . 2001-03-15 17:36 101 --a------ C:\WINDOWS\PSXLPR.INI
2008-02-07 21:21 . 2008-02-20 11:11 202 --a------ C:\WINDOWS\system32\PSLOG
2008-02-05 22:57 . 2008-02-05 22:58 <DIR> d-------- C:\Program Files\mp3DirectCut
2008-02-05 19:19 . 2008-02-05 19:19 <DIR> d-------- C:\Program Files\WAV to MP3 Encoder
2008-02-05 19:19 . 2001-12-12 10:35 348,160 --a------ C:\WINDOWS\system32\MEnc.ocx
2008-02-05 19:19 . 2002-08-22 22:27 348,160 --a------ C:\WINDOWS\system32\FlatBtn6.ocx
2008-02-05 19:01 . 2008-02-05 19:03 <DIR> d-------- C:\Program Files\Audacity
2008-02-05 18:48 . 2008-02-06 12:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-05 18:48 . 2008-02-05 18:48 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-31 16:04 . 2008-01-31 16:04 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-01-31 16:04 . 2008-01-31 16:04 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-01-31 16:04 . 2008-01-31 16:04 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-01-30 18:25 . 2008-01-30 18:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Mijn documenten

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-14 23:20 --------- d-----w C:\Program Files\Kazaa Lite K++
2008-02-14 23:12 --------- d-----w C:\Program Files\Spyware Doctor
2008-02-14 23:01 --------- d-----w C:\Program Files\Hitman Pro
2008-02-14 18:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-14 17:24 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-14 17:06 --------- d-----w C:\Program Files\SpywareBlaster
2008-02-14 17:05 --------- d-----w C:\Program Files\Lavasoft
2008-02-14 17:03 74,240 ----a-w C:\WINDOWS\system32\drivers\iksyssec.sys
2008-02-14 17:03 56,832 ----a-w C:\WINDOWS\system32\drivers\iksysflt.sys
2008-02-14 15:50 --------- d-----w C:\Program Files\Eset
2008-02-14 15:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-14 15:09 --------- d-----w C:\Program Files\Brother
2008-02-14 15:06 --------- d-----w C:\Program Files\ScanSoft
2008-02-14 15:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-02-13 16:28 --------- d-----w C:\Program Files\RealVNC
2008-02-06 09:59 --------- d-----w C:\Program Files\ShotOnline International
2008-01-31 16:53 --------- d-----w C:\Program Files\eMule
2008-01-30 16:49 --------- d-----w C:\Program Files\JukeItUp Ecstasy Edition
2008-01-16 11:09 77,712 -c--a-w C:\Documents and Settings\Ron Meurs\Application Data\GDIPFONTCACHEV1.DAT
2008-01-15 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-10 17:46 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-01-10 17:46 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\SystemRequirementsLab
2008-01-10 16:38 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\InstallShield Installation Information
2008-01-10 16:21 --------- d-----w C:\Program Files\Unreal Tournament 3
2008-01-10 16:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 16:20 --------- d-----w C:\Program Files\AGEIA Technologies
2008-01-04 14:27 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-04 14:22 --------- d-----w C:\Program Files\LimewirePlus
2008-01-04 13:54 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\uTorrent
2008-01-04 10:01 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-28 20:49 --------- d-----w C:\Program Files\BitDownload
2007-12-28 20:49 --------- d-----w C:\Documents and Settings\Ron Meurs\Application Data\BitDownload(2)
2007-12-28 20:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2007-12-07 02:18 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2007-12-04 18:42 550,912 ------w C:\WINDOWS\system32\oleaut32.dll
2007-11-22 13:01 164 ----a-w C:\install.dat
2007-11-21 14:19 230,432 ----a-w C:\StiImg.dat
2007-11-18 18:28 6,787,081 ----a-w C:\Documents and Settings\Ron Meurs\CC2update.exe
2007-03-22 21:48 20 -c-h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2001-02-28 12:14 476,576 -c--a-w C:\Documents and Settings\Ron Meurs\SETUP.EXE
2000-06-21 16:46 1,499,904 -c--a-w C:\Documents and Settings\Ron Meurs\INSTMSIW.EXE
2000-06-21 16:46 1,489,152 -c--a-w C:\Documents and Settings\Ron Meurs\INSTMSI.EXE
2001-09-07 12:00 94,784 -csh--w C:\WINDOWS\twain.dll
2004-08-03 23:03 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-03 23:03 54,784 -csh--w C:\WINDOWS\system32\msvcirt.dll
2004-08-03 23:03 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03 15360]
"lycosInside"="C:\Program Files\lycos\Lyc_SysTray.exe" [2006-02-11 00:45 332840]
"msnmsgr"="~C:\PROGRA~1\MSNMES~1\msnmsgr.exe" [ ]
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [2004-09-10 03:16 53248]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [ ]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 22:53 204288]
"LDM"="\Program\" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-07-22 21:36 933888]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-01-31 16:04 949376]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 12:40 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 12:53 40960]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03 15360]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 17:15 1634304]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 02:17 443968]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-02-20 12:41:13 110592]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-02-19 13:15:34 450560]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Statusvenster.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-01-04 11:01:57 802816]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files\BitTorrent\bittorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2007-10-31 10:19 378784 C:\Program Files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"winvnc"=2 (0x2)

R2 ACEDRV06;ACEDRV06;C:\WINDOWS\system32\drivers\ACEDRV06.sys [2007-03-19 19:40]
R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-12-28 23:43]
R3 PAC207;Trust WB-1400T Webcam;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 12:29]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##Rockinronnie#OPS LAG (F)]
\Shell\AutoRun\command - Z:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf0b5239-23f0-11db-8906-000461845014}]
\Shell\AutoRun\command - G:\loader.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{feaafb72-928b-11dc-8a40-000461845014}]
\Shell\AutoRun\command - H:\InstallTomTomHOME.exe

.
Inhoud van de 'Gedeelde Taken' map
"2008-02-29 10:00:19 C:\WINDOWS\Tasks\User_Feed_Synchronization-{5CA99DB3-E76A-430B-B31C-53C5A835BE72}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 11:19:55
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background?s?n

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Eset\pr_imon.dll
.
Voltooingstijd: 2008-02-20 11:20:25
ComboFix-quarantined-files.txt 2008-02-20 10:20:23
ComboFix2.txt 2008-02-17 23:31:15
.
2008-02-14 23:14:56 --- E O F ---

Installeer de Nokia Suite software eens opnieuw en kijk dan hoe alles functioneert. Heb je verder nog problemen?

IK heb geen problemen verder.
ik heb nokia niet hersteld en ook geen foutmelding meer.

dus vooralsnog ga ik het effe aankijken.

in elk geval bedankt voor de hulp

Je logjes zien er i.i.g. goed uit.

Deinstalleer Combofix, ga naar start --> uitvoeren en typ daar: Combofix /u
Dit zal Combofix verwijderen en je systeemherstel resetten.

Download ATF Cleaner (by Atribune)

Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij Select All.
Klik op de knop Empty Selected.

Het volgende doen als je ook FireFox als browser hebt:
Klik op tabblad "Firefox", plaats een vinkje bij Select All.
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit haalt het vinkje weer weg bij "Firefox saved passwords")
Klik op de knop Empty Selected.

Het volgende doen als je ook Opera als browser hebt:
Klik op tabblad "Opera", plaats een vinkje bij Select All.
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop Empty Selected.
Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

Graag gedaan.