Mededeling

Collapse
No announcement yet.

Spyware probleem

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Spyware probleem

    Hallo,

    Een vriend van me heeft last van spyware/virus.
    Hij heeft AVG antivirus geinstalleerd maar die helpt niet echt veel verder.
    Ook al antispyware software laten draaien, maar zo komen we er ook niet
    vanaf.

    Hieronder het HiJ Logje.

    Mvg,

    Pieter

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:29:53, on 19/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20733)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\NetProject\scit.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\NetProject\scm.exe
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Program Files\NetProject\sbmdl.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: 403445 helper - {9E654A16-4765-4EAA-94EC-D5A6578053A4} - C:\WINDOWS\system32\403445\403445.dll (file missing)
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Program Files\NetProject\wamdl.dll (file missing)
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
    O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
    O4 - Global Startup: 54 Mbps Wireless Configuration Utility.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)
    O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195565322152
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195565288699
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O22 - SharedTaskScheduler: hemimorphite - {12a31567-9883-4cc0-a684-ad5804394d69} - C:\WINDOWS\system32\vualf.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Serge/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
    --
    End of file - 7386 bytes
    Labels: Geen
    • Citaat
  • #2
    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Start de computer in veilige modus.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.

    Download Deckard's System Scanner naar je Bureaublad.
    • Sluit alle toepassingen en vensters.
    • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
    • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
    • Kopieer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord evenals extra.txt.

    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)
    • Citaat

    Comment

    • #3
      Beste,

      hartelijk dank voor het snelle antwoord.
      Hieronder de resultaten van de de scans:

      Mvg,

      Pieter




      RVAXO:

      ---RVAXO.exe Updated: 2008-04-21---first run---
      Uninstallers:

      Files found:
      C:\Documents and Settings\All Users\STARTM~1\Online Security Guide.url
      C:\Documents and Settings\All Users\STARTM~1\Security Troubleshooting.url
      C:\Documents and Settings\Serge\FAVORI~1\Online Security Test.url

      Folders Found:
      C:\WINDOWS\system32\403445
      C:\Program Files\NetProject

      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------
      Not deleted items:

      --------------RVAXO.exe finished----------------


      Deckard's System Scanner:

      Main:

      Deckard's System Scanner v20071014.68
      Run by Serge on 2008-04-21 20:32:43
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------

      -- System Restore --------------------------------------------------------------

      Successfully created a Deckard's System Scanner Restore Point.


      -- Last 5 Restore Point(s) --
      76: 2008-04-21 18:32:53 UTC - RP142 - Deckard's System Scanner Restore Point
      75: 2008-04-21 07:59:30 UTC - RP141 - System Checkpoint
      74: 2008-04-19 09:27:53 UTC - RP140 - System Checkpoint
      73: 2008-04-16 14:27:15 UTC - RP139 - Installed 54 Mbps Wireless Network Adapter
      72: 2008-04-16 14:13:13 UTC - RP138 - Installé Ad-Aware 2007


      -- First Restore Point --
      1: 2008-01-22 15:12:04 UTC - RP67 - System Checkpoint


      Backed up registry hives.
      Performed disk cleanup.

      Total Physical Memory: 448 MiB (512 MiB recommended).


      -- HijackThis (run as Serge.exe) -----------------------------------------------

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:33:28, on 21/04/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.20733)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Documents and Settings\Serge\Desktop\dss.exe
      C:\PROGRA~1\TRENDM~1\HIJACK~1\Serge.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
      O2 - BHO: 403445 helper - {9E654A16-4765-4EAA-94EC-D5A6578053A4} - C:\WINDOWS\system32\403445\403445.dll (file missing)
      O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
      O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Program Files\NetProject\wamdl.dll (file missing)
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
      O4 - Global Startup: 54 Mbps Wireless Configuration Utility.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
      O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
      O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
      O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195565322152
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195565288699
      O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

      --
      End of file - 6436 bytes

      -- File Associations -----------------------------------------------------------

      All associations okay.


      -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

      R2 CAN300 - c:\windows\system32\drivers\can300.sys <Not Verified; MoTeC P/L; can300>
      R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>

      S3 W8100PCI (54 Mbps Wireless Driver) - c:\windows\system32\drivers\mrv8k51.sys <Not Verified; Marvell Semiconductor, Inc; Device driver for Marvell 802.11 NIC>


      -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

      All services whitelisted.


      -- Device Manager: Disabled ----------------------------------------------------

      No disabled devices found.


      -- Scheduled Tasks -------------------------------------------------------------

      2008-04-21 20:18:00 462 --a------ C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
      2008-04-03 17:21:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


      -- Files created between 2008-03-21 and 2008-04-21 -----------------------------

      2008-04-21 20:26:56 0 d-------- C:\RVAXO
      2008-04-21 20:23:31 798228 --a------ C:\WINDOWS\system32\RVAXO.bat
      2008-04-21 20:23:31 69632 --a------ C:\WINDOWS\system32\remove.exe
      2008-04-19 18:05:56 86016 --a------ C:\WINDOWS\sflib32.dll <Not Verified; SuperFlow Corporation; WinDyn>
      2008-04-19 18:05:55 1423872 --a------ C:\WINDOWS\system32\Pegrp32a.dll <Not Verified; Gigasoft, Inc.; ProEssentials -32>
      2008-04-19 18:05:55 910368 --a------ C:\WINDOWS\system32\owl52t.dll
      2008-04-19 18:05:55 319488 --a------ C:\WINDOWS\system32\cw3230mt.dll <Not Verified; Borland International; Borland C++ 5.0>
      2008-04-19 18:05:55 84000 --a------ C:\WINDOWS\system32\bds52t.dll <Not Verified; Borland International; Borland C++ 5.2>
      2008-04-19 18:05:55 0 d-------- C:\SFData
      2008-04-19 18:05:55 0 d-------- C:\Program Files\SuperFlow
      2008-04-19 15:18:50 0 d-------- C:\Program Files\Trend Micro
      2008-04-19 13:01:38 0 d-------- C:\windyn
      2008-04-16 16:27:22 0 d-------- C:\Program Files\54 Mbps WLAN
      2008-04-16 16:13:15 0 d-------- C:\Program Files\Lavasoft
      2008-04-16 16:13:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-04-16 16:12:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
      2008-04-16 16:06:54 256512 -ra------ C:\WINDOWS\system32\drivers\mrv8k51.sys <Not Verified; Marvell Semiconductor, Inc; Device driver for Marvell 802.11 NIC>
      2008-04-16 15:47:50 0 d-------- C:\WINDOWS\system32\appmgmt
      2008-04-16 12:08:10 0 dr-h----- C:\Documents and Settings\Serge\Recent
      2008-04-15 16:03:49 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
      2008-04-09 11:29:32 0 d-------- C:\Program Files\Linguistic Systems
      2008-04-08 14:32:48 592 --a------ C:\WINDOWS\chgkey.vbs
      2008-04-08 14:25:15 0 d-------- C:\Program Files\Realtek
      2008-04-08 14:25:01 0 d-------- C:\Documents and Settings\Serge\Application Data\InstallShield
      2008-04-08 14:15:07 0 d-------- C:\Program Files\Lavalys
      2008-04-08 14:06:28 0 d-------- C:\temp
      2008-04-01 15:22:06 0 d-------- C:\pwrcmdr
      2008-03-27 23:34:30 10368 --a------ C:\WINDOWS\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
      2008-03-27 23:33:25 0 d-------- C:\Program Files\QuickTime
      2008-03-27 23:33:10 0 d-------- C:\Program Files\Apple Software Update
      2008-03-27 23:32:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
      2008-03-27 23:31:44 0 d-------- C:\Program Files\Common Files\xing shared
      2008-03-27 23:31:25 0 d-------- C:\Program Files\Real
      2008-03-27 23:31:22 0 d-------- C:\Program Files\Common Files\Real
      2008-03-27 23:31:19 0 d-------- C:\Documents and Settings\Serge\Application Data\Real
      2008-03-27 23:29:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
      2008-03-27 23:29:16 0 d-------- C:\Program Files\Common Files\Protexis
      2008-03-27 23:29:16 0 d-------- C:\Program Files\Common Files\InterVideo
      2008-03-27 23:28:42 0 d-------- C:\Program Files\Corel
      2008-03-23 17:27:41 0 d-------- C:\Program Files\MSXML 6.0
      2008-03-23 17:25:36 0 d-------- C:\Program Files\MSXML 4.0
      2008-03-23 17:24:11 0 d--h----- C:\WINDOWS\$hf_mig$


      -- Find3M Report ---------------------------------------------------------------

      2008-04-19 18:04:20 0 d-------- C:\Program Files\Common Files
      2008-04-19 13:18:08 0 d-------- C:\Program Files\FlashGet
      2008-04-16 17:12:19 0 d-------- C:\Documents and Settings\Serge\Application Data\AVG7
      2008-04-16 16:27:16 0 d--h----- C:\Program Files\InstallShield Installation Information
      2008-03-23 12:12:18 0 d-------- C:\Program Files\Startwijzer
      2008-03-20 12:50:01 0 d-------- C:\Documents and Settings\Serge\Application Data\Solid Data
      2008-03-19 15:45:45 0 d-------- C:\Program Files\HP
      2008-03-19 15:43:03 0 d-------- C:\Documents and Settings\Serge\Application Data\HP
      2008-03-12 15:30:05 0 d-------- C:\Program Files\OptimumG
      2008-03-05 11:00:34 0 d-------- C:\Documents and Settings\Serge\Application Data\AdobeUM
      2008-03-05 10:36:14 0 d-------- C:\Program Files\YOSHIMURA
      2008-03-05 10:35:02 0 d-------- C:\Program Files\Common Files\InstallShield


      -- Registry Dump ---------------------------------------------------------------

      *Note* empty entries & legit default entries are not shown


      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9E654A16-4765-4EAA-94EC-D5A6578053A4}]
      C:\WINDOWS\system32\403445\403445.dll

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
      "{51D81DD5-55B7-497F-95DB-D356429BB54E}"= C:\Program Files\NetProject\wamdl.dll [ ]

      [-HKEY_CLASSES_ROOT\CLSID\{51D81DD5-55B7-497F-95DB-D356429BB54E}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [16/04/2008 10:18]
      "ATIModeChange"="Ati2mdxx.exe" [04/09/2001 14:24 C:\WINDOWS\system32\Ati2mdxx.exe]
      "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [09/03/2004 22:10]
      "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [27/03/2008 23:31]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/09/2006 16:57]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]
      "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 13:54]
      "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [22/07/2007 14:32]

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
      "ShowDeskFix"=regsvr32 /s /n /i:u shell32

      C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
      54 Mbps Wireless Configuration Utility.lnk - C:\Program Files\54 Mbps WLAN\WLANMON.exe [16/04/2008 16:27:22]
      Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [17/02/1999 21:05:56]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
      @="Service"

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^DOCUME~1^ALLUSE~1^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
      path=C:\DOCUME~1\ALLUSE~1\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
      backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup




      -- End of Deckard's System Scanner: finished at 2008-04-21 20:33:58 ------------


      Extra:

      Deckard's System Scanner v20071014.68
      Extra logfile - please post this as an attachment with your post.
      --------------------------------------------------------------------------------

      -- System Information ----------------------------------------------------------

      Microsoft Windows XP Professional (build 2600) SP 2.0
      Architecture: X86; Language: English

      CPU 0: Mobile Intel(R) Pentium(R) 4 CPU 2.80GHz
      Percentage of Memory in Use: 62%
      Physical Memory (total/avail): 447.48 MiB / 169.39 MiB
      Pagefile Memory (total/avail): 1058.01 MiB / 838.73 MiB
      Virtual Memory (total/avail): 2047.88 MiB / 1938.34 MiB

      C: is Fixed (NTFS) - 37.25 GiB total, 23.58 GiB free.
      D: is CDROM (CDFS)
      E: is Removable (FAT32)

      \\.\PHYSICALDRIVE0 - TOSHIBA MK4025GAS - 37.26 GiB - 1 partition
      \PARTITION0 (bootable) - Installable File System - 37.25 GiB - C:

      \\.\PHYSICALDRIVE1 - JetFlash TS4GJF2A USB Device - 3.82 GiB - 1 partition
      \PARTITION0 - Unknown - 3.83 GiB - E:



      -- Security Center -------------------------------------------------------------

      AUOptions is scheduled to auto-install.
      Windows Internal Firewall is enabled.

      FirstRunDisabled is set.
      AntivirusOverride is set.

      Unable to create WMI object.

      -- Environment Variables -------------------------------------------------------

      ALLUSERSPROFILE=C:\Documents and Settings\All Users
      APPDATA=C:\Documents and Settings\Serge\Application Data
      CLASSPATH=.;C:\Program Files\JavaSoft\JRE\1.3.1_02\lib\ext\QTJava.zip
      CLIENTNAME=Console
      CommonProgramFiles=C:\Program Files\Common Files
      COMPUTERNAME=SERGEPC
      ComSpec=C:\WINDOWS\system32\cmd.exe
      FP_NO_HOST_CHECK=NO
      HOMEDRIVE=C:
      HOMEPATH=\Documents and Settings\Serge
      KTD=C:\WINDOWS\DriverPacks
      LOGONSERVER=\\SERGEPC
      NUMBER_OF_PROCESSORS=1
      OS=Windows_NT
      Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
      PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
      PROCESSOR_ARCHITECTURE=x86
      PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
      PROCESSOR_LEVEL=15
      PROCESSOR_REVISION=0209
      ProgramFiles=C:\Program Files
      PROMPT=$P$G
      QTJAVA=C:\Program Files\JavaSoft\JRE\1.3.1_02\lib\ext\QTJava.zip
      SESSIONNAME=Console
      SystemDrive=C:
      SystemRoot=C:\WINDOWS
      TEMP=C:\DOCUME~1\Serge\LOCALS~1\Temp
      TMP=C:\DOCUME~1\Serge\LOCALS~1\Temp
      USERDOMAIN=SERGEPC
      USERNAME=Serge
      USERPROFILE=C:\Documents and Settings\Serge
      windir=C:\WINDOWS


      -- User Profiles ---------------------------------------------------------------

      Serge (admin)


      -- Add/Remove Programs ---------------------------------------------------------

      --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
      --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
      54 Mbps Wireless Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6C37813-7CC8-4C5B-9EAB-115AEA47A2C5}\Setup.exe" -l0x9
      Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
      Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
      Adobe Reader 6.0.1 - Nederlands --> MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A00000000001}
      Adobe Reader Japanese Fonts --> MsiExec.exe /I{AC76BA86-7AD7-5A76-5A64-7E8A45000001}
      Alarm 2.0.2 --> "C:\Program Files\Alarm\unins000.exe"
      Apple Software Update --> MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C}
      ATI - Software-verwijderprogramma --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
      ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
      ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_classISPLAY -clean
      AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
      Corel WinDVD 9 --> C:\Program Files\InstallShield Installation Information\{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}\setup.exe -runfromtemp -l0x0409
      CP210x USB to UART Bridge Controller --> C:\WINDOWS\system32\slabunin2k.exe C:\WINDOWS\system32\slabunin.u2k
      Euroglot Professional 4.5 (remove only) --> "C:\Program Files\Linguistic Systems\Euroglot Professional 4.5\uninstall.exe"
      EVEREST Ultimate Edition v4.50 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
      FlashGet 1.9.6.1073 --> C:\Program Files\FlashGet\uninst.exe
      Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
      HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
      InterVideo WinDVD 4 --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
      Java 2 Runtime Environment Standard Edition v1.3.1_02 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1_02\Uninst.isu"
      Java 2 SDK Standard Edition v1.3.1_02 --> C:\WINDOWS\IsUninst.exe -fC:\jdk1.3.1_02\Uninst.isu
      Media Player Codec Pack 1.1.0 --> C:\WINDOWS\system32\C2MP\Uninst.exe
      Microsoft Office 2000 Professional --> MsiExec.exe /I{00010413-78E1-11D2-B60F-006097C998E7}
      Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
      MoTeC ECU Manager 3.3 --> C:\WINDOWS\IsUninst.exe -fC:\MoTeC\M800-v33\Uninst.isu -cC:\MoTeC\M800-v33\uninst.dll
      Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
      MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
      OptimumK Demo 3.0 --> MsiExec.exe /I{F00A1F1E-B649-4FC7-973A-4BCDE52D7729}
      PCI 1620 Cardbus Controller and Software --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{AE2310DC-B261-4D84-BE03-BD318EB41B78} /l1033
      QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
      RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
      Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
      REALTEK GbE & FE Ethernet PCI NIC Driver --> C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0013 -removeonly
      REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x13 REMOVE
      Silicon Laboratories CP210x Evaluation Kit Tools Release 3.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1B355D3-ABC2-41E8-96A8-54738A689AD6}\Setup.exe" -l0x9
      SLD Codec Pack --> C:\Program Files\SLD Codec Pack\uninstall.exe
      SmartDraw 2007 --> C:\PROGRA~1\SMARTD~1\UNWISE.EXE C:\PROGRA~1\SMARTD~1\install.log
      SuperFlow Test Data Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\SuperFlow\SuperFlow Test Data Viewer\Uninst.isu"
      TOSHIBA Software Modem --> Tosmreg -U
      VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
      Windows Live Messenger --> MsiExec.exe /I{9816B8B8-4B53-4D3D-9235-AD931252001D}
      WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
      YOSHIMURA Engine Management Professional --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{837006C4-83B7-4BF9-ABC7-AD262FBBFCDF}\Setup.exe" -l0x9 UNINSTALL


      -- Application Event Log -------------------------------------------------------

      Event Record #/Type3049 / Error
      Event Submitted/Written: 04/21/2008 08:27:08 PM
      Event ID/Source: 1090 / Userenv
      Event Description:
      Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

      Event Record #/Type3048 / Error
      Event Submitted/Written: 04/21/2008 08:27:08 PM
      Event ID/Source: 1090 / Userenv
      Event Description:
      Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

      Event Record #/Type3047 / Error
      Event Submitted/Written: 04/21/2008 08:27:08 PM
      Event ID/Source: 1802 / SecurityCenter
      Event Description:
      The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

      Event Record #/Type3042 / Error
      Event Submitted/Written: 04/21/2008 08:12:32 PM
      Event ID/Source: 1090 / Userenv
      Event Description:
      Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

      Event Record #/Type3041 / Error
      Event Submitted/Written: 04/21/2008 08:12:30 PM
      Event ID/Source: 1090 / Userenv
      Event Description:
      Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.



      -- Security Event Log ----------------------------------------------------------

      No Errors/Warnings found.


      -- System Event Log ------------------------------------------------------------

      Event Record #/Type958 / Error
      Event Submitted/Written: 04/21/2008 08:24:14 PM
      Event ID/Source: 7026 / Service Control Manager
      Event Description:
      The following boot-start or system-start driver(s) failed to load:
      AFD
      Avg7Core
      Avg7RsW
      Avg7RsXP
      Fips
      intelppm
      IPSec
      MRxSmb
      NetBIOS
      NetBT
      RasAcd
      Rdbss
      Tcpip

      Event Record #/Type957 / Error
      Event Submitted/Written: 04/21/2008 08:24:14 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
      %%31

      Event Record #/Type956 / Error
      Event Submitted/Written: 04/21/2008 08:24:14 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
      %%31

      Event Record #/Type955 / Error
      Event Submitted/Written: 04/21/2008 08:24:14 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
      %%31

      Event Record #/Type954 / Error
      Event Submitted/Written: 04/21/2008 08:24:14 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
      %%31



      -- End of Deckard's System Scanner: finished at 2008-04-21 20:33:58 ------------
      • Citaat

      Comment

      • #4
        Start Hijackthis en vink alleen de volgende regels aan:
        O2 - BHO: 403445 helper - {9E654A16-4765-4EAA-94EC-D5A6578053A4} - C:\WINDOWS\system32\403445\403445.dll (file missing)
        O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Program Files\NetProject\wamdl.dll (file missing)
        Sluit alle openstaande vensters(behalve Hijackthis) en klik op "Fix checked".

        Vertel of er nog problemen zijn
        • Citaat

        Comment

        • #5
          Heel fel bedankt,

          alles is nu terug dik in orde
          • Citaat

          Comment

          • #6
            Graag gedaan hoor

            Dit mag je nog doen:

            Download ATF cleaner (mirror)(gemaakt door Atribune)

            Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

            Dubbelklik op ATF cleaner om het programma te starten.
            Op het tabblad "Main", plaats je een vinkje bij Select All.
            Klik op de knop Empty Selected.

            Het volgende doen als je ook FireFox als browser hebt:
            Klik op tabblad "Firefox", plaats een vinkje bij Select All.
            Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
            (dit haalt het vinkje weer weg bij "Firefox saved passwords")
            Klik op de knop Empty Selected.

            Het volgende doen als je ook Opera als browser hebt:
            Klik op tabblad "Opera", plaats een vinkje bij Select All.
            Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
            Klik op de knop Empty Selected.
            Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

            Ga naar Start - Uitvoeren en geef hier het volgende in:
            Combofix /U
            Druk daarna op OK.
            Let op: Er moet een spatie tussen Combofix en /U zitten.

            Dit zal Combofix deïnstalleren.

            Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
            Kijk hier hoe je je systeemherstel moet uitschakelen.
            Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

            Groeten smeenk
            • Citaat

            Comment

            Vorige template Volgende
            Sorry, you are not authorized to view this page
            Working...
            X