Mededeling

Collapse
No announcement yet.

Blauw spyware "warning" krijg ik niet weg

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Blauw spyware "warning" krijg ik niet weg

    Help, zit met mijn handen in het haar.
    Sinds 2 dagen is mijn wallpaper veranderd in een blauw scherm met de mededeling: "Warning you are in danger! You're computer is infected with spyware...". Ik krijg ook regelmatig pop-ups uit mijn taskbar die me zegt dat ik met een spyware probleem zit. Klikken op die link brengt me naar een betalende anti-spyware site.
    Ook wordt er ongevraagd onregelmatig een website geopend.

    Ik heb reeds geprobeerd op via mijn "safe mode" enkele acties te ondernemen zonder resultaat:
    Smitrem laten lopen
    De nieuwst AVG antispyware laten lopen
    CCleaner laten lopen
    Na opstart in "normal" mode lijkt het probleem enkele minuten opgelost maar dan is het er weer.

    Nu weet ik het niet meer. Graag hulp. Hieronder mijn hijack this log.

    LVH


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:30:49, on 17/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Belgacom\bin\sprtcmd.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\comsysobj.exe
    C:\WINDOWS\shellexcon.exe
    C:\WINDOWS\win32st.exe
    C:\WINDOWS\winstrse.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\NCLAUNCH.EXe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Belgacom\bin\tgshell.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/be/nlb/gen/default.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
    O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [SMSERIALWORKSTARTER] "C:\WINDOWS\comsysobj.exe"
    O4 - HKLM\..\Run: [SMSERIALWORKERSTART] "C:\WINDOWS\shellexcon.exe"
    O4 - HKLM\..\Run: [SMSERIALSTARTER] "C:\WINDOWS\win32st.exe"
    O4 - HKLM\..\Run: [SMSERIALWORKERSTARTER] "C:\WINDOWS\winstrse.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4639] command /c del "C:\Program Files\VideoBox\Uninstall.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7158] cmd /c del "C:\Program Files\VideoBox\Uninstall.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA650] command /c del "C:\Documents and Settings\Lieven\Menu Start\Programma's\VideoBox\Uninstall.lnk"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC8190] cmd /c del "C:\Documents and Settings\Lieven\Menu Start\Programma's\VideoBox\Uninstall.lnk"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6331] cmd /c del "C:\Program Files\VideoBox\Uninstall.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5571] command /c del "C:\Documents and Settings\Lieven\Menu Start\Programma's\VideoBox\Uninstall.lnk"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5151] cmd /c del "C:\Documents and Settings\Lieven\Menu Start\Programma's\VideoBox\Uninstall.lnk"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: bw+0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Planner voor Automatische LiveUpdate (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 24189 bytes

  • #2
    Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regels:
    O4 - HKLM\..\Run: [SMSERIALWORKSTARTER] "C:\WINDOWS\comsysobj.exe"
    O4 - HKLM\..\Run: [SMSERIALWORKERSTART] "C:\WINDOWS\shellexcon.exe"
    O4 - HKLM\..\Run: [SMSERIALSTARTER] "C:\WINDOWS\win32st.exe"
    O4 - HKLM\..\Run: [SMSERIALWORKERSTARTER] "C:\WINDOWS\winstrse.exe"
    O17 - HKLM\System\CCS\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222

    Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

    Download FixWareout van:
    http://swandog46.geekstogo.com/Fixwareout.exe (Mirror)

    Sla het op je bureaublad op en dubbelklik Fixwareout.exe. Klik eerst op Next en daarna op Install. Controleer daarna of Run fixit aangevinkt is en klik op Finish. Laat dan de fix zijn werk doen.
    Je zal gevraagd worden om de computer opnieuw op te starten, doe dat. Het kan zijn dat je computer langer doet over het opstarten dan gewoonlijk; dit is normaal.

    Let op! Als je antivirus een scriptblokker heeft krijg je een waarschuwing zoals "malicious script warning" wanneer je dit tooltje gaat draaien. Je kunt deze waarschuwing negeren.

    Plaats, na het herstarten, de inhoud van het log dat je hier kan vinden: C:\fixwareout\report.txt, post ook een nieuw HijackThis log.

    Comment


    • #3
      stappen uitgevoerd

      Vooreerst tof om te zien dat jullie hierop zo snel reageren... chappoo

      Ik heb de stappen gevolgd en hieronder het resultaat van de logs.
      Moet ik nu nog iets doen of zou het opgelost moeten zijn? Heb wel al de indruk dat ik al geen spontane website opstart meer heb. Het blauwe "warning" scherm is er nog wel, de pop-ups ook niet meer.


      Username "Lieven" - 17/02/2008 18:12:49 [Fixwareout edited 9/01/2007]

      ~~~~~ Prerun check

      De DNS-omzettingscache is leeggemaakt.


      System was rebooted successfully.

      ~~~~~ Postrun check
      ....
      ....
      ~~~~~ Misc files.
      ....
      ~~~~~ Checking for older varients.
      ....

      ~~~~~ Current runs (hklm hkcu "run" Keys Only)
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
      "SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"
      "PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
      "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
      "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
      "UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
      "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
      "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
      "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
      "OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\""
      "SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Thomson\\SpeedTouch USB\\Dragdiag.exe\" /icon"
      "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
      "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
      "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
      "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
      "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
      "Belgacom"="\"C:\\Program Files\\Belgacom\\bin\\sprtcmd.exe\" /P Belgacom"
      "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
      "osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
      "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
      "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
      "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
      "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
      "NCLaunch"="C:\\WINDOWS\\NCLAUNCH.EXe"
      "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe"
      ....
      Hosts file was reset, If you use a custom hosts file please replace it...
      ~~~~~ End report ~~~~~






      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:48:56, on 17/02/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Analog Devices\Core\smax4pnp.exe
      C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
      C:\Program Files\Dell\Media Experience\PCMService.exe
      C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
      C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\QuickTime\QTTask.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Belgacom\bin\sprtcmd.exe
      C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\WINDOWS\NCLAUNCH.EXe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchIndexer.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
      C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchFilter.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/be/nlb/gen/default.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
      O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
      O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
      O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
      O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
      O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
      O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
      O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
      O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
      O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
      O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
      O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
      O17 - HKLM\System\CS1\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
      O18 - Protocol: bw+0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Planner voor Automatische LiveUpdate (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
      O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
      O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

      --
      End of file - 22641 bytes

      Comment


      • #4
        Download: RVAXO.exe
        • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
        • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
          Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
        • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
        • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
          Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
        • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
        • Post de inhoud van de logfile in je volgende bericht.


        Download Combofix (mirror) naar je Bureaublad.
        Dubbelklik op Combofix.exe
        Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
        Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen(je kan hem ook hier vinden: C:\Combofix.txt)
        Plaats deze log in je volgende post.

        NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.

        Comment


        • #5
          vervolg

          Bedankt voor de snelle reactie.
          Alles uitgevoerd zoals gevraagd. De logs zijn hieronder.
          Wat heb ik nu al juist gedaan?


          ---RVAXO.exe Updated: 2008-02-17---first run---
          Files found:
          C:\WINDOWS\winstrse.exe
          C:\WINDOWS\win32st.exe
          C:\WINDOWS\shellexcon.exe
          C:\WINDOWS\comsysobj.exe

          Uninstallers:


          Folders Found:


          Hosts-file was reset, If you use a custom hosts file please replace it...

          --------------RVAXO.exe last run---------------

          Files found:

          Folders Found:

          --------------RVAXO.exe finished----------------





          ComboFix 08-02-17.2 - Lieven 2008-02-17 21:31:56.1 - NTFSx86
          Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.469 [GMT 1:00]
          Gestart vanuit: C:\Documents and Settings\Lieven\Bureaublad\ComboFix.exe
          * Nieuw herstelpunt werd aangemaakt

          WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\Documents and Settings\Wout\Local Settings\Temp\_install.exe
          C:\WINDOWS\cracrwinz.exe

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2008-01-17 to 2008-02-17 ))))))))))))))))))))))))))))))
          .

          2008-02-17 21:24 . 2008-02-17 21:25 <DIR> d-------- C:\RVAXO
          2008-02-17 21:22 . 2008-02-17 12:52 700,333 --a------ C:\WINDOWS\SYSTEM32\RVAXO.bat
          2008-02-17 21:22 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\SYSTEM32\remove.exe
          2008-02-17 18:12 . 2008-02-17 18:17 <DIR> d-------- C:\fixwareout
          2008-02-17 17:58 . 2008-02-17 21:11 <DIR> dr-h----- C:\Documents and Settings\Lieven\Onlangs geopend
          2008-02-17 11:10 . 2008-02-17 11:10 <DIR> d-------- C:\Program Files\Trend Micro
          2008-02-16 23:44 . 2008-02-16 23:44 444 --a------ C:\WINDOWS\SYSTEM32\d3d8caps.dat
          2008-02-16 23:13 . 2005-02-07 12:11 <DIR> d--h----- C:\Documents and Settings\Administrator\Sjablonen
          2008-02-16 23:13 . 2005-02-07 12:11 <DIR> dr-h----- C:\Documents and Settings\Administrator\Onlangs geopend
          2008-02-16 23:13 . 2005-02-07 12:11 <DIR> d--h----- C:\Documents and Settings\Administrator\Netwerkprinteromgeving
          2008-02-16 23:13 . 2005-02-07 12:28 <DIR> dr------- C:\Documents and Settings\Administrator\Mijn documenten
          2008-02-16 23:13 . 2005-02-07 12:11 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Start
          2008-02-16 23:13 . 2005-02-07 12:11 <DIR> dr------- C:\Documents and Settings\Administrator\Favorieten
          2008-02-16 23:13 . 2005-02-07 12:11 <DIR> d-------- C:\Documents and Settings\Administrator\Bureaublad
          2008-02-16 23:13 . 2005-02-07 12:29 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
          2008-02-16 23:13 . 2005-02-07 12:35 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
          2008-02-16 23:13 . 2005-02-07 12:28 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
          2008-02-16 23:13 . 2008-02-14 22:26 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
          2008-02-16 23:11 . 2008-02-16 23:11 <DIR> d-------- C:\Program Files\CCleaner
          2008-02-16 22:53 . 2008-02-16 22:53 <DIR> d-------- C:\Documents and Settings\Lieven\Application Data\Grisoft
          2008-02-16 22:52 . 2008-02-16 22:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
          2008-02-16 22:52 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
          2008-02-16 21:40 . 2008-02-17 15:07 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
          2008-02-16 21:40 . 2008-02-17 15:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
          2008-02-13 23:12 . 2008-02-17 17:57 2,359,350 --a------ C:\WINDOWS\mywallpaper.bmp
          2008-02-13 22:32 . 2008-02-13 22:32 <DIR> d-------- C:\Program Files\Lavasoft
          2008-02-13 22:32 . 2008-02-13 22:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
          2008-02-13 22:31 . 2008-02-13 22:31 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
          2008-02-13 22:16 . 2008-02-17 17:54 <DIR> d-------- C:\Program Files\Firewall
          2008-02-13 22:01 . 2008-02-13 22:09 <DIR> d-------- C:\Program Files\SpyBurner
          2008-02-13 21:53 . 2008-02-13 21:53 20,992 --a------ C:\WINDOWS\hllibex.exe
          2008-02-13 21:53 . 2008-02-13 21:53 3,072 --a------ C:\WINDOWS\tromomwin32.exe
          2008-02-13 21:53 . 2008-02-13 21:53 1,685 --a------ C:\WINDOWS\config.ini
          2008-02-13 21:53 . 2008-02-13 21:53 1,409 --a------ C:\WINDOWS\wmstrbum.exe
          2008-02-13 21:53 . 2008-02-13 21:53 1,272 --a------ C:\WINDOWS\sysobjwertb.dll
          2008-01-19 16:32 . 2008-01-19 16:32 114,268 --a------ C:\WINDOWS\Run32A50.mch
          2008-01-19 16:13 . 2008-01-19 16:16 <DIR> d-------- C:\PC_Play&Learn
          2008-01-19 16:08 . 2008-01-19 16:31 <DIR> d-------- C:\WINDOWS\A5W_DATA
          2008-01-19 16:08 . 2008-01-19 16:08 35 --a------ C:\WINDOWS\A5W.INI
          2008-01-19 15:18 . 2008-01-19 15:18 <DIR> d-------- C:\Documents and Settings\Gijs\WINDOWS
          2008-01-18 18:41 . 2008-01-18 18:41 <DIR> d-------- C:\Intelliga

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-02-17 20:34 --------- d-----w C:\Program Files\Common Files\Symantec Shared
          2008-02-17 09:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
          2008-02-13 21:20 --------- d-----w C:\Documents and Settings\Lieven\Application Data\Lavasoft
          2008-02-07 20:21 --------- d-----w C:\Program Files\Microsoft ActiveSync
          2008-01-31 16:17 --------- d-----w C:\Program Files\RekenTaal
          2008-01-19 14:16 --------- d-----w C:\Documents and Settings\Gijs\Application Data\Symantec
          2008-01-15 08:54 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
          2008-01-15 04:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
          2008-01-12 17:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
          2008-01-11 05:52 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
          2008-01-01 12:35 --------- d-----w C:\Documents and Settings\Wout\Application Data\Symantec
          2007-12-22 09:12 --------- d-----w C:\Program Files\Norton Internet Security
          2007-12-19 22:57 347,136 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
          2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
          2007-12-18 09:51 179,584 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mrxdav.sys
          2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\SYSTEM32\lsdelete.exe
          2007-12-13 21:57 60,800 ----a-w C:\WINDOWS\SYSTEM32\S32EVNT1.DLL
          2007-12-08 05:18 3,592,192 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
          2007-12-06 11:04 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
          2007-12-06 11:04 625,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
          2007-12-06 11:00 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
          2007-12-06 04:59 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
          2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\SYSTEM32\oleaut32.dll
          2007-12-04 18:42 550,912 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\oleaut32.dll
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
          2007-08-24 20:51 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
          2008-01-31 22:48 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
          {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
          {327C2873-E90D-4C37-AA9D-10AC9BABA46C}
          {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

          [HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
          [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
          [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
          "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 20:51 316784]

          [HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
          [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
          [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]
          "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
          "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-07-09 20:19 36864]
          "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
          "NCLaunch"="C:\WINDOWS\NCLAUNCH.EXe" [2006-01-15 17:14 40960]
          "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe" [ ]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 16:42 1404928]
          "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 18:48 32881]
          "PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 21:15 290816]
          "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 17:54 57344]
          "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-08-13 02:05 122939]
          "UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]
          "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
          "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
          "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
          "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 10:00 49152]
          "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 10:38 866816]
          "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 08:35 94208]
          "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 08:32 77824]
          "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 08:36 114688]
          "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
          "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42 267064]
          "Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2006-06-22 09:34 192512]
          "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-31 13:15 51048]
          "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-08-24 21:53 714608]
          "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360]

          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
          Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26 29696]
          Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-07-09 20:19:47 196608]
          Windows Desktop Search.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe [2005-09-20 18:10:04 238080]

          R2 A4S2;A4S2;C:\WINDOWS\system32\drivers\a4s2.sys [1997-05-12 10:51]
          R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" [2008-01-31 13:15]
          R3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-01-12 18:32]
          R3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys [2007-08-09 17:27]
          S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys [2007-08-09 17:27]

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84b9ebed-e448-11da-b730-000e50d294bb}]
          \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.htm

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a23dda1a-c994-11da-b6dc-001111ce07f9}]
          \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.htm

          *Newly Created Service* - COMHOST
          .
          Inhoud van de 'Gedeelde Taken' map
          "2008-01-18 18:04:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
          - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
          "2008-01-28 19:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Volledige systeemscan uitvoeren - Lieven.job"
          - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK:
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-02-17 21:34:52
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          Voltooingstijd: 2008-02-17 21:35:41
          ComboFix-quarantined-files.txt 2008-02-17 20:35:23
          .
          2008-02-12 21:04:15 --- E O F ---

          Comment


          • #6
            Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
            Dit zal alles van RVAXO doen verwijderen.

            Je Java software is verouderd.
            Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
            Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:
            • Download Java Runtime Environment (JRE) 6u4 en bewaar het naar je Bureaublad.
            • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
            • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
            • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
            • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
            • Herhaal dit tot alle oudere versies verdwenen zijn.
            • Na het verwijderen van alle oudere versies, herstart je pc.
            • Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.


            Open een kladblokbestand.
            Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

            @ECHO OFF
            IF EXIST log.txt DEL log.txt
            ECHO Deleting files>>log.txt
            FOR %%g in (
            C:\WINDOWS\hllibex.exe
            C:\WINDOWS\tromomwin32.exe
            C:\WINDOWS\wmstrbum.exe
            C:\WINDOWS\sysobjwertb.dll) DO (
            IF EXIST %%g (
            ATTRIB -r -s -h %%g
            DEL %%g
            IF EXIST %%g (
            ECHO %%g not deleted>>log.txt
            ) ELSE (
            ECHO %%g deleted>>log.txt)
            ) ELSE (
            ECHO %%g not found>>log.txt))
            >>log.txt (
            ECHO.
            ECHO Deleting folders)
            FOR %%I in (
            "C:\Program Files\SpyBurner"
            C:\fixwareout) DO (
            IF EXIST %%I (
            RD /S /Q %%I
            IF EXIST %%I (
            ECHO %%I not deleted>>log.txt
            ) ELSE (
            ECHO %%I deleted>>log.txt)
            ) ELSE (
            ECHO %%I not found>>log.txt))
            START NOTEPAD.EXE log.txt

            Ga naar Bestand - Opslaan als.
            Bij "Opslaan in" kies je: Bureaublad
            Bij "Bestandsnaam" zet je: del.bat
            Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
            Klik op de knop Opslaan.

            Herstart de computer.

            Dubbelklik op del.bat en post de inhoud van de logfile die opent.

            Start HijackThis opnieuw, maak een nieuwe log en post deze.

            Comment


            • #7
              stappen uitgevoerd

              Zoals gevraagd hieronder de output van de logs.
              Enig zicht of dit probleem helemaal kan opgelost worden? Het blauwe scherm is er nog, de andere symptomen zijn verdwenen.

              LVH.




              Deleting files
              C:\WINDOWS\hllibex.exe deleted
              C:\WINDOWS\tromomwin32.exe deleted
              C:\WINDOWS\wmstrbum.exe deleted
              C:\WINDOWS\sysobjwertb.dll deleted

              Deleting folders
              "C:\Program Files\SpyBurner" deleted
              C:\fixwareout deleted




              Logfile of Trend Micro HijackThis v2.0.2
              Scan saved at 22:14:44, on 18/02/2008
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v7.00 (7.00.6000.16608)
              Boot mode: Normal

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
              C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
              C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\Explorer.EXE
              C:\Program Files\Analog Devices\Core\smax4pnp.exe
              C:\Program Files\Dell\Media Experience\PCMService.exe
              C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
              C:\WINDOWS\system32\dla\tfswctrl.exe
              C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
              C:\WINDOWS\system32\LVCOMSX.EXE
              C:\Program Files\Logitech\Video\LogiTray.exe
              C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
              C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
              C:\WINDOWS\system32\hkcmd.exe
              C:\WINDOWS\system32\igfxpers.exe
              C:\Program Files\QuickTime\QTTask.exe
              C:\Program Files\iTunes\iTunesHelper.exe
              C:\Program Files\Belgacom\bin\sprtcmd.exe
              C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
              C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\Logitech\Video\FxSvr2.exe
              C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
              C:\WINDOWS\system32\wuauclt.exe
              C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
              C:\Program Files\Messenger\msmsgs.exe
              C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
              C:\WINDOWS\NCLAUNCH.EXe
              C:\Program Files\iPod\bin\iPodService.exe
              C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
              C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
              C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
              C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchIndexer.exe
              C:\Program Files\Internet Explorer\IEXPLORE.EXE
              C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchFilter.exe
              C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
              R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/be/nlb/gen/default.htm
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
              O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
              O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
              O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
              O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
              O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
              O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
              O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
              O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
              O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
              O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
              O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
              O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
              O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
              O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
              O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
              O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
              O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
              O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
              O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
              O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
              O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
              O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
              O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
              O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
              O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
              O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
              O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
              O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
              O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
              O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
              O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
              O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
              O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
              O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
              O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
              O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
              O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
              O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
              O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
              O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
              O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
              O17 - HKLM\System\CCS\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
              O17 - HKLM\System\CS1\Services\Tcpip\..\{36D2CA35-AF9F-4093-8A32-F2D6370CCAE3}: NameServer = 195.238.2.22 195.238.2.21
              O18 - Protocol: bw+0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw+0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw-0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw-0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw00 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw00s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw10 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw10s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw20 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw20s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw30 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw30s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw40 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw40s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw50 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw50s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw60 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw60s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw70 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw70s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw80 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw80s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw90 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bw90s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwa0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwa0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwb0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwb0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwc0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwc0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwd0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwd0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwe0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwe0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwf0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwf0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
              O18 - Protocol: bwg0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwg0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwh0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwh0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwi0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwi0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwj0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwj0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwk0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwk0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwl0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwl0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwm0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwm0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwn0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwn0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwo0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwo0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwp0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwp0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwq0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwq0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwr0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwr0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bws0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bws0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwt0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwt0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwu0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwu0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwv0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwv0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bww0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bww0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwx0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwx0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwy0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwy0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwz0 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: bwz0s - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O18 - Protocol: offline-8876480 - {E9DDCE2B-E1D0-40B9-AAA7-3083E4D5D700} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
              O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
              O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              O23 - Service: Planner voor Automatische LiveUpdate (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
              O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
              O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
              O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
              O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
              O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
              O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
              O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
              O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
              O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
              O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

              --
              End of file - 22680 bytes

              Comment


              • #8
                Ga naar Start - configuratiescherm - vormgeving en thema's
                (als dat er niet staat moet je even op "Categorieweergave" klikken) - Bureaublad - Bureaublad aanpassen - Website .
                Verwijder alles wat daar eventueel staat (behalve "Mijn huidige pagina").

                Helpt dat?

                Comment


                • #9
                  Het is gelukt...

                  Fantastisch, het is allemaal weg. Had dit nooit zelf kunnen realiseren.
                  Heel erg bedankt voor uw tijd en kennis. Ik kan jullie initiatief alleen maar aanmoedigen.


                  P.S. Mocht je nog wat tijd hebben, kan je me dan even zeggen wat we allemaal gedaan hebben. Ben wel geinteresseerd om hierover meer te weten.

                  Groeten,
                  Lieven.

                  Comment


                  • #10
                    Tip

                    Ik neem aan dat jullie nog Belgische vragen krijgen en daarvoor oplossingen bieden.
                    Vermeldt ook een Belgisch rekeningnr waarop donaties kunnen gebeuren.

                    Alvast bedankt en success,
                    Lieven.

                    Comment


                    • #11
                      Graag gedaan hoor

                      Voor donaties uit het buitenland wordt dat IBAN nummer gebruikt

                      Comment

                      Sorry, you are not authorized to view this page
                      Working...
                      X