Mededeling

Collapse
No announcement yet.

adultfinder

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • adultfinder

    Krijg heel vaak sites die ik niet wil, zoals adultfinder!!!
    Zou je even kunnen kijken??

    Alvast mijn dank!!!

    Logfile of HijackThis v1.99.1
    Scan saved at 22:37:28, on 11-5-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\McAfee\MBK\MBackMonitor.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    D:\Program Files\PowerISO\PWRISOVM.EXE
    D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    D:\Program Files\RAM Idle LE\RAM_XP.exe
    C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    C:\Program Files\Mcafee\MWL\MWLGui.exe
    C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\nvsvc32.exe
    D:\Program Files\PC Tools AntiVirus\PCTAV.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\svchost.exe
    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Mcafee\MWL\MwlSvc.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    c:\PROGRA~1\mcafee\msc\mcuimgr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
    D:\Rajiv\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [RAM Idle Professional] D:\Program Files\RAM Idle LE\RAM_XP.exe
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start
    O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\vgswdqkq.dll",sitypnow
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [PCTAVApp] "D:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
    O16 - DPF: {10D8193E-7842-493D-897E-E9E2FF2481DA} (WDClient.clsWDClient) - http://www.video4all.nl/src/wdclient.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CCS\Services\Tcpip\..\{175F24D4-4E9E-4766-9A2E-CBB171908B05}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CCS\Services\Tcpip\..\{73E71C5D-4BCA-47F9-BB2D-EA68F07E25FB}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7CA320F7-C48D-463D-9F75-56ECF8946A34}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CCS\Services\Tcpip\..\{940F847F-067D-4B14-8BB6-2C6E57462751}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CCS\Services\Tcpip\..\{99CAB3FD-C6D2-405D-9818-09B71C210499}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
    O17 - HKLM\System\CS2\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Wicky\I tunes I pod\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: MSSQL$PINNACLESYS - Unknown owner - D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
    O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)

  • #2
    Download FixWareout van:
    (http://downloads.subratam.org/Fixwareout.exe)

    Sla het op je bureaublad op en dubbelklik Fixwareout.exe. Klik eerst op Next en daarna op Install. Controleer daarna of Run fixit aangevinkt is en klik op Finish. Laat dan de fix zijn werk doen.
    Je zal gevraagd worden om de computer opnieuw op te starten, doe dat. Het kan zijn dat je computer langer doet over het opstarten dan gewoonlijk; dit is normaal.

    Let op! Als je antivirus een scriptblokker heeft krijg je een waarschuwing zoals "malicious script warning" wanneer je dit tooltje gaat draaien. Je kunt deze waarschuwing negeren.

    Plaats, na het herstarten, de inhoud van het log dat je hier kan vinden: C:\fixwareout\report.txt.


    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Start de computer in veilige modus.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.


    Download Deckard's System Scanner naar je Bureaublad.
    • Sluit alle toepassingen en vensters.
    • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
    • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
    • Kopieer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord evenals extra.txt.

    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

    Comment


    • #3
      als ik FixWareout download en wil installeren, krijg ik een foutmelding dat de files corrupted zijn...
      Wat moet ik doen?

      Comment


      • #4
        Probeer dan eerst die andere 2 programma's maar even.

        Comment


        • #5
          ---RVAXO.exe Updated: 2008-05-10---first run---
          Uninstallers:

          Files found:
          C:\WINDOWS\system32\wpcap.dll
          C:\WINDOWS\system32\lsprst7.tgz
          C:\WINDOWS\system32\lsprst7.dll
          C:\WINDOWS\system32\actskn45.ocx

          Folders Found:

          Hosts-file was reset, If you use a custom hosts file please replace it...

          --------------RVAXO.exe last run---------------
          Not deleted items:

          --------------RVAXO.exe finished----------------

          EN

          Deckard's System Scanner v20071014.68
          Run by Rajiv on 2008-05-12 21:10:18
          Computer is in Normal Mode.
          --------------------------------------------------------------------------------

          -- System Restore --------------------------------------------------------------

          Successfully created a Deckard's System Scanner Restore Point.


          -- Last 5 Restore Point(s) --
          61: 2008-05-12 19:10:29 UTC - RP177 - Deckard's System Scanner Restore Point
          60: 2008-05-11 22:23:06 UTC - RP176 - Controlepunt van systeem
          59: 2008-05-10 09:57:54 UTC - RP175 - Controlepunt van systeem
          58: 2008-05-09 08:18:40 UTC - RP174 - Controlepunt van systeem
          57: 2008-05-05 12:07:47 UTC - RP173 - Controlepunt van systeem


          -- First Restore Point --
          1: 2008-02-13 14:49:35 UTC - RP117 - Software Distribution Service 3.0


          Backed up registry hives.
          Performed disk cleanup.



          -- HijackThis (run as Rajiv.exe) -----------------------------------------------

          Unable to find log (file not found); running clone.
          -- HijackThis Clone ------------------------------------------------------------


          Emulating logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 2008-05-12 21:12:56
          Platform: Windows XP Service Pack 2 (5.01.2600)
          MSIE: Internet Explorer (7.00.6000.16640)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\system32\smss.exe
          C:\WINDOWS\system32\csrss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
          C:\WINDOWS\system32\scardsvr.exe
          C:\WINDOWS\explorer.exe
          C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\McAfee\MBK\MBackMonitor.exe
          C:\Program Files\McAfee\MSC\mcmscsvc.exe
          C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
          C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
          C:\Program Files\McAfee\VirusScan\Mcshield.exe
          C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
          C:\Program Files\McAfee\MPF\MpfSrv.exe
          C:\Program Files\McAfee\MSK\msksrver.exe
          D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
          D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
          C:\Program Files\McAfee.com\Agent\mcagent.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
          C:\WINDOWS\system32\alg.exe
          C:\WINDOWS\system32\notepad.exe
          C:\WINDOWS\system32\rundll32.exe
          C:\Program Files\Analog Devices\Core\smax4pnp.exe
          C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
          C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
          C:\Program Files\Common Files\Real\Update_OB\realsched.exe
          C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
          D:\Program Files\PowerISO\PWRISOVM.EXE
          C:\WINDOWS\system32\wuauclt.exe
          D:\Program Files\RAM Idle LE\RAM_XP.exe
          C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
          C:\Program Files\McAfee\MWL\MwlGui.exe
          C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
          C:\Program Files\McAfee\VirusScan\mcsysmon.exe
          C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
          C:\Program Files\QuickTime\QTTask.exe
          C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
          C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
          D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
          D:\Program Files\PC Tools AntiVirus\PCTAV.exe
          C:\Program Files\Windows Live\Messenger\msnmsgr.exe
          C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
          C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
          C:\Program Files\McAfee\MWL\MwlSvc.exe
          C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
          C:\Program Files\McAfee\MSC\mcuimgr.exe
          C:\Program Files\McAfee\MSC\mcupdmgr.exe
          D:\Documenten en settings\Rajiv\Bureaublad\dss.exe
          D:\Rajiv\Rajiv.exe

          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
          O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
          O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
          O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
          O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
          O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
          O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
          O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
          O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
          O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
          O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
          O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
          O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE
          O4 - HKLM\..\Run: [RAM Idle Professional] D:\Program Files\RAM Idle LE\RAM_XP.exe
          O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
          O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start
          O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
          O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
          O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
          O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
          O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
          O4 - HKLM\..\Run: [PCTAVApp] "D:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
          O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
          O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
          O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
          O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: RaptisoftGameLoader () - http://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
          O16 - DPF: {10D8193E-7842-493D-897E-E9E2FF2481DA} (WDClient.clsWDClient) - http://www.video4all.nl/src/wdclient.cab
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
          O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
          O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
          O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{175F24D4-4E9E-4766-9A2E-CBB171908B05}: NameServer = 85.255.116.120,85.255.112.114
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{73E71C5D-4BCA-47F9-BB2D-EA68F07E25FB}: NameServer = 85.255.116.120,85.255.112.114
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{7CA320F7-C48D-463D-9F75-56ECF8946A34}: NameServer = 85.255.116.120,85.255.112.114
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{940F847F-067D-4B14-8BB6-2C6E57462751}: NameServer = 85.255.116.120,85.255.112.114
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{99CAB3FD-C6D2-405D-9818-09B71C210499}: NameServer = 85.255.116.120,85.255.112.114
          O17 - HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
          O17 - HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
          O17 - HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
          O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
          O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
          O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
          O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
          O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
          O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
          O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
          O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
          O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
          O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Wicky\I tunes I pod\iPod\bin\iPodService.exe
          O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
          O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
          O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
          O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
          O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
          O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
          O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
          O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
          O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
          O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
          O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\msksrver.exe
          O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\McAfee\MWL\MwlSvc.exe
          O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
          O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
          O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
          O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe


          --
          End of file - 14665 bytes

          -- HijackThis Fixed Entries (D:\Rajiv\backups\) --------------------------------

          backup-20070330-214943-520 O9 - Extra button: MyCom - {E7EBEE94-D039-4153-89B4-3B07711E468C} - http://www.mycom.nl (file missing) (HKCU)
          backup-20070330-232948-549 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
          backup-20070330-232948-976 R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

          -- File Associations -----------------------------------------------------------

          All associations okay.


          -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

          R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
          R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
          R1 StarOpen - c:\windows\system32\drivers\staropen.sys
          R2 Sentinel - c:\windows\system32\drivers\sentinel.sys <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver>
          R3 ASAPIW2K - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; VOB Computersysteme GmbH; asapi>
          R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>
          R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

          S0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys (file missing)
          S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys (file missing)
          S3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys (file missing)
          S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys (file missing)
          S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys (file missing)
          S3 catchme - d:\docume~1\rajiv\locals~1\temp\catchme.sys (file missing)
          S3 NPF (NetGroup Packet Filter Driver) - c:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
          S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys (file missing)
          S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys (file missing)


          -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

          R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
          R2 PinnacleSys.MediaServer (Pinnacle Systems Media Service) - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe <Not Verified; Pinnacle Systems; Media Server>

          S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
          S3 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "c:\program files\winpcap\rpcapd.exe" -d -f "c:\program files\winpcap\rpcapd.ini" <Not Verified; CACE Technologies; Remote Packet Capture Daemon>


          -- Device Manager: Disabled ----------------------------------------------------

          Class GUID: {D76B962B-F0B8-41F2-8590-6605FE4EA312}
          Description: Bluetooth HID Manager
          Device ID: ROOT\BLUETOOTH\0000
          Manufacturer: IVT Corporation
          Name: Bluetooth HID Manager
          PNP Device ID: ROOT\BLUETOOTH\0000
          Service: BTHidMgr

          Class GUID: {D76B962B-F0B8-41F2-8590-6605FE4EA312}
          Description: Bluetooth VComm Manager
          Device ID: ROOT\BLUETOOTH\0001
          Manufacturer: IVT Corporation
          Name: Bluetooth VComm Manager
          PNP Device ID: ROOT\BLUETOOTH\0001
          Service: VcommMgr

          Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
          Description: Bluetooth HID Enum Device
          Device ID: ROOT\HIDCLASS\0000
          Manufacturer: IVT Corporation
          Name: Bluetooth HID Enum Device
          PNP Device ID: ROOT\HIDCLASS\0000
          Service: BTHidEnum

          Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth AV Audio
          Device ID: ROOT\MEDIA\0000
          Manufacturer: IVT Corporation.
          Name: Bluetooth AV Audio
          PNP Device ID: ROOT\MEDIA\0000
          Service: BlueletAudio

          Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth SCO Audio
          Device ID: ROOT\MEDIA\0001
          Manufacturer: IVT Corporation.
          Name: Bluetooth SCO Audio
          PNP Device ID: ROOT\MEDIA\0001
          Service: BlueletSCOAudio

          Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth PAN Network Adapter
          Device ID: ROOT\NET\0000
          Manufacturer: IVT Corporation
          Name: Bluetooth PAN Network Adapter
          PNP Device ID: ROOT\NET\0000
          Service: BT

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0000
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM3)
          PNP Device ID: ROOT\PORTS\0000
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0001
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM4)
          PNP Device ID: ROOT\PORTS\0001
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0002
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM5)
          PNP Device ID: ROOT\PORTS\0002
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0003
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM6)
          PNP Device ID: ROOT\PORTS\0003
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0004
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM7)
          PNP Device ID: ROOT\PORTS\0004
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0005
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM8)
          PNP Device ID: ROOT\PORTS\0005
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0006
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM9)
          PNP Device ID: ROOT\PORTS\0006
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0007
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM10)
          PNP Device ID: ROOT\PORTS\0007
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0008
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM11)
          PNP Device ID: ROOT\PORTS\0008
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0011
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM12)
          PNP Device ID: ROOT\PORTS\0011
          Service: VComm

          Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
          Description: Bluetooth Serial Port
          Device ID: ROOT\PORTS\0012
          Manufacturer: IVT Corporation
          Name: Bluetooth Serial Port (COM13)
          PNP Device ID: ROOT\PORTS\0012
          Service: VComm


          -- Scheduled Tasks -------------------------------------------------------------

          2008-05-01 01:00:00 356 --a------ C:\WINDOWS\Tasks\McQcTask.job
          2008-03-15 02:00:00 264 --a------ C:\WINDOWS\Tasks\McDefragTask.job


          -- Files created between 2008-04-12 and 2008-05-12 -----------------------------

          2008-05-12 21:09:56 0 d-------- D:\Deckard
          2008-05-12 20:55:59 7048 --a------ C:\WINDOWS\system32\fixp.bat
          2008-05-12 20:55:58 818420 --a------ C:\WINDOWS\system32\RVAXO.bat
          2008-05-12 20:55:58 69632 --a------ C:\WINDOWS\system32\remove.exe
          2008-05-06 02:02:30 0 d-------- D:\Documenten en settings\Wicky Prewies\Application Data\PC Tools
          2008-05-02 23:30:01 0 d-------- D:\Documenten en settings\Lila\Application Data\PC Tools
          2008-05-02 01:00:26 0 d-------- D:\Documenten en settings\Rajiv\Application Data\PC Tools
          2008-05-02 00:59:16 0 d-------- C:\Program Files\Common Files\PC Tools
          2008-05-02 00:59:09 0 d-------- D:\Documenten en settings\All Users\Application Data\PC Tools
          2008-05-01 22:59:04 0 dr-h----- D:\Documenten en settings\Rajiv\Onlangs geopend
          2008-04-13 18:06:41 0 d-------- D:\Suriname 2007


          -- Find3M Report ---------------------------------------------------------------

          2008-05-12 21:06:44 464256 --a------ C:\WINDOWS\system32\perfh013.dat
          2008-05-12 21:06:44 78772 --a------ C:\WINDOWS\system32\perfc013.dat
          2008-05-02 00:59:16 0 d-------- C:\Program Files\Common Files
          2008-05-02 00:53:52 0 d-------- D:\Documenten en settings\Rajiv\Application Data\SiteAdvisor
          2008-04-20 15:26:46 0 d-------- D:\Documenten en settings\Rajiv\Application Data\Real
          2008-04-06 14:07:49 0 d-------- C:\Program Files\McAfee
          2008-03-21 19:10:22 0 d-------- C:\Program Files\Nufsoft
          2008-03-14 13:42:53 0 d-------- C:\Program Files\Windows Media Connect 2
          2008-02-13 17:37:23 0 --a------ C:\WINDOWS\nsreg.dat


          -- Registry Dump ---------------------------------------------------------------

          *Note* empty entries & legit default entries are not shown


          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
          19-09-2007 07:15 329032 --a------ C:\Program Files\McAfee\MSK\mcapbho.dll

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [24-01-2006 12:15]
          "nwiz"="nwiz.exe" [24-01-2006 12:15 C:\WINDOWS\system32\nwiz.exe]
          "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [24-01-2006 12:15]
          "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [27-10-2004 15:21 C:\WINDOWS\system32\HdAShCut.exe]
          "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [20-05-2005 03:11]
          "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [07-09-2005 15:35]
          "RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [02-11-2004 20:24]
          "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [17-11-2006 14:11]
          "USBToolTip"="C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [23-01-2006 16:42]
          "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [11-03-2004 01:26]
          "PWRISOVM.EXE"="D:\Program Files\PowerISO\PWRISOVM.EXE" [06-11-2006 10:27]
          "RAM Idle Professional"="D:\Program Files\RAM Idle LE\RAM_XP.exe" [17-01-2006 06:38]
          "SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [02-02-2007 19:41]
          "MWLExe"="C:\Program Files\Mcafee\MWL\MWLGui.exe" [28-07-2007 10:32]
          "McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [16-01-2007 14:59]
          "MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [08-01-2007 12:22]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14-03-2007 03:43]
          "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [29-06-2007 06:24]
          "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [08-02-2007 01:12]
          "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [08-02-2007 01:13]
          "!AVG Anti-Spyware"="D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11-06-2007 11:25]
          "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [03-08-2007 23:33]
          "PCTAVApp"="D:\Program Files\PC Tools AntiVirus\PCTAV.exe" [05-03-2008 09:37]

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18-10-2007 12:34]
          "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [09-10-2006 12:28]
          "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 14:00]
          "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02-11-2006 23:53]

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
          "DisableRegistryTools"=0 (0x0)

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
          "System"="kdjoq.exe"

          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
          @=""

          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
          @=""

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documenten en settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
          path=D:\Documenten en settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
          backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documenten en settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
          path=D:\Documenten en settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
          backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documenten en settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]
          path=D:\Documenten en settings\All Users\Menu Start\Programma's\Opstarten\WinZip Quick Pick.lnk
          backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
          "D:\Wicky\I tunes I pod\iTunesHelper.exe"

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
          C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
          "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized


          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74571f57-129d-11db-bf3f-806d6172696f}]
          PlayWithPowerDVD\Command- "C:\Program Files\CyberLink DVD Solution\PowerDVD\PowerDVD.exe" "%l"




          -- End of Deckard's System Scanner: finished at 2008-05-12 21:14:21 ------------

          Comment


          • #6
            Download The Avenger en pak het programma uit op je bureaublad.
            Open de map avenger en start het programma door op avenger.exe te dubbelklikken.
            In het venster Input Script here, kopieer en plak je onderstaande dikgedrukte tekst:


            Files to delete:
            C:\WINDOWS\system32\vgswdqkq.dll
            C:\WINDOWS\system32\kdjoq.exe


            Klik daarna op de knop Execute.
            The Avenger zal aangeven dat de computer gaat herstarten, sta dit toe.
            Na reboot opent een logfile (avenger.txt). Post de inhoud van deze logfile met een nieuw logje van Hijackthis

            Comment


            • #7
              Logfile of The Avenger Version 2.0, (c) by Swandog46
              http://swandog46.geekstogo.com

              Platform: Windows XP

              *******************

              Script file opened successfully.
              Script file read successfully.

              Backups directory opened successfully at C:\Avenger

              *******************

              Beginning to process script file:

              Rootkit scan active.
              No rootkits found!


              Error: file "C:\WINDOWS\system32\vgswdqkq.dll" not found!
              Deletion of file "C:\WINDOWS\system32\vgswdqkq.dll" failed!
              Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
              --> the object does not exist

              File "C:\WINDOWS\system32\kdjoq.exe" deleted successfully.

              Completed script processing.

              *******************

              Finished! Terminate.


              EN

              Logfile of Trend Micro HijackThis v2.0.2
              Scan saved at 4:13:56, on 13-5-2008
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v7.00 (7.00.6000.16640)
              Boot mode: Normal

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\spoolsv.exe
              c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
              C:\WINDOWS\Explorer.EXE
              C:\WINDOWS\system32\NOTEPAD.EXE
              C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
              C:\WINDOWS\System32\svchost.exe
              C:\Program Files\McAfee\MBK\MBackMonitor.exe
              C:\WINDOWS\system32\RUNDLL32.EXE
              C:\Program Files\Analog Devices\Core\smax4pnp.exe
              C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
              C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
              C:\Program Files\Common Files\Real\Update_OB\realsched.exe
              C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
              D:\Program Files\PowerISO\PWRISOVM.EXE
              D:\Program Files\RAM Idle LE\RAM_XP.exe
              C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
              C:\Program Files\Mcafee\MWL\MWLGui.exe
              C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
              C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
              C:\Program Files\QuickTime\QTTask.exe
              C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
              C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
              D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
              C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
              C:\Program Files\McAfee.com\Agent\mcagent.exe
              D:\Program Files\PC Tools AntiVirus\PCTAV.exe
              C:\Program Files\Windows Live\Messenger\msnmsgr.exe
              C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
              c:\program files\common files\mcafee\mna\mcnasvc.exe
              c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
              C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
              C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
              C:\Program Files\McAfee\MPF\MPFSrv.exe
              C:\Program Files\McAfee\MSK\MskSrver.exe
              D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
              C:\WINDOWS\system32\nvsvc32.exe
              D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
              C:\WINDOWS\system32\svchost.exe
              C:\Program Files\internet explorer\iexplore.exe
              c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
              C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
              C:\WINDOWS\system32\wuauclt.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
              C:\Program Files\Mcafee\MWL\MwlSvc.exe
              C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
              C:\WINDOWS\system32\wuauclt.exe
              c:\PROGRA~1\mcafee\msc\mcuimgr.exe
              D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
              O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
              O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
              O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
              O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
              O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
              O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
              O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
              O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
              O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
              O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
              O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
              O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
              O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
              O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
              O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
              O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
              O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE
              O4 - HKLM\..\Run: [RAM Idle Professional] D:\Program Files\RAM Idle LE\RAM_XP.exe
              O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
              O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start
              O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
              O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
              O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
              O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
              O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
              O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
              O4 - HKLM\..\Run: [PCTAVApp] "D:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
              O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
              O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
              O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
              O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
              O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
              O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
              O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
              O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
              O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
              O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
              O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
              O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
              O16 - DPF: {10D8193E-7842-493D-897E-E9E2FF2481DA} (WDClient.clsWDClient) - http://www.video4all.nl/src/wdclient.cab
              O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
              O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
              O17 - HKLM\System\CCS\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CCS\Services\Tcpip\..\{175F24D4-4E9E-4766-9A2E-CBB171908B05}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CCS\Services\Tcpip\..\{73E71C5D-4BCA-47F9-BB2D-EA68F07E25FB}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CCS\Services\Tcpip\..\{7CA320F7-C48D-463D-9F75-56ECF8946A34}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CCS\Services\Tcpip\..\{940F847F-067D-4B14-8BB6-2C6E57462751}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CCS\Services\Tcpip\..\{99CAB3FD-C6D2-405D-9818-09B71C210499}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
              O17 - HKLM\System\CS1\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
              O17 - HKLM\System\CS2\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
              O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
              O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
              O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
              O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
              O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Wicky\I tunes I pod\iPod\bin\iPodService.exe
              O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
              O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
              O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
              O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
              O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
              O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
              O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
              O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
              O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
              O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
              O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
              O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe
              O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
              O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
              O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
              O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
              O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

              --
              End of file - 13203 bytes

              Comment


              • #8
                Start Hijackthis en vink alleen de volgende regels aan:
                O17 - HKLM\System\CCS\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CCS\Services\Tcpip\..\{175F24D4-4E9E-4766-9A2E-CBB171908B05}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CCS\Services\Tcpip\..\{73E71C5D-4BCA-47F9-BB2D-EA68F07E25FB}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CCS\Services\Tcpip\..\{7CA320F7-C48D-463D-9F75-56ECF8946A34}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CCS\Services\Tcpip\..\{940F847F-067D-4B14-8BB6-2C6E57462751}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CCS\Services\Tcpip\..\{99CAB3FD-C6D2-405D-9818-09B71C210499}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
                O17 - HKLM\System\CS1\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114
                O17 - HKLM\System\CS2\Services\Tcpip\..\{0A14438F-7A86-4CAA-8BD0-A9569FD2E719}: NameServer = 85.255.116.120,85.255.112.114
                O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.120 85.255.112.114

                Sluit alle openstaande vensters(behalve Hijackthis) en klik op "Fix checked".

                Ga naar het Configuratiescherm en klik op "Netwerkverbindingen". Rechtsklik op je standaard verbinding en kies "Eigenschappen".
                Klik op het tabblad "Algemeen" en dubbelklik op "Internet-Protocol (TCP/IP)". Selecteer "Automatisch een DNS-serveradres laten toewijzen".
                Ga naar Start – Uitvoeren en tik in "cmd"
                Druk op enter.
                Daarna tik je in: ipconfig /flushdns
                Druk op enter.
                Sluit het venster.

                Herstart je computer.

                Post na de herstart een nieuw logje van Hijackthis ter controle

                Comment


                • #9
                  Oorspronkelijk geplaatst door rajiv
                  Sorry voor de late reactie...
                  Had een overlijdingsgeval in de familie...

                  Ik post weer een log.....

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 17:16:12, on 27-5-2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
                  C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                  D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\McAfee\MBK\MBackMonitor.exe
                  C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
                  c:\program files\common files\mcafee\mna\mcnasvc.exe
                  c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
                  C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
                  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
                  C:\Program Files\McAfee\MPF\MPFSrv.exe
                  C:\Program Files\McAfee\MSK\MskSrver.exe
                  D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
                  C:\WINDOWS\system32\nvsvc32.exe
                  D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
                  C:\WINDOWS\system32\svchost.exe
                  c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
                  C:\WINDOWS\system32\RUNDLL32.EXE
                  C:\Program Files\Analog Devices\Core\smax4pnp.exe
                  C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
                  C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
                  C:\Program Files\Common Files\Real\Update_OB\realsched.exe
                  C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
                  D:\Program Files\PowerISO\PWRISOVM.EXE
                  D:\Program Files\RAM Idle LE\RAM_XP.exe
                  C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
                  C:\Program Files\Mcafee\MWL\MWLGui.exe
                  C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
                  C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
                  C:\Program Files\QuickTime\QTTask.exe
                  C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
                  C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
                  D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
                  D:\Program Files\PC Tools AntiVirus\PCTAV.exe
                  C:\Program Files\Windows Live\Messenger\msnmsgr.exe
                  C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
                  C:\WINDOWS\system32\wuauclt.exe
                  C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
                  C:\Program Files\Mcafee\MWL\MwlSvc.exe
                  C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
                  C:\WINDOWS\system32\wuauclt.exe
                  C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
                  C:\Program Files\Internet Explorer\IEXPLORE.EXE
                  c:\PROGRA~1\mcafee\msc\mcuimgr.exe
                  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                  D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                  O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
                  O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
                  O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
                  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
                  O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
                  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                  O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
                  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
                  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
                  O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
                  O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
                  O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
                  O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
                  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
                  O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
                  O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
                  O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE
                  O4 - HKLM\..\Run: [RAM Idle Professional] D:\Program Files\RAM Idle LE\RAM_XP.exe
                  O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
                  O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start
                  O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
                  O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
                  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                  O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
                  O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
                  O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
                  O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
                  O4 - HKLM\..\Run: [PCTAVApp] "D:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
                  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
                  O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
                  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
                  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
                  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
                  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
                  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
                  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
                  O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
                  O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
                  O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
                  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/games/hamste...gameloader.cab
                  O16 - DPF: {10D8193E-7842-493D-897E-E9E2FF2481DA} (WDClient.clsWDClient) - http://www.video4all.nl/src/wdclient.cab
                  O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
                  O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/co...oScopeLite.cab
                  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
                  O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                  O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
                  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
                  O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Wicky\I tunes I pod\iPod\bin\iPodService.exe
                  O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
                  O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
                  O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
                  O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
                  O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
                  O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
                  O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
                  O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
                  O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
                  O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
                  O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
                  O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe
                  O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
                  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                  O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - D:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
                  O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
                  O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

                  --
                  End of file - 11895 bytes

                  Comment


                  • #10
                    Logje ziet er schoon uit

                    Ondervind je nog problemen?

                    Comment


                    • #11
                      geen problemen meer!

                      Super thanx!

                      Groetjes,
                      Rajiv

                      Comment


                      • #12
                        Graag gedaan hoor

                        Comment

                        Sorry, you are not authorized to view this page
                        Working...
                        X