Mededeling

**smeenk** · 26-05-08, 23:11

Download VirtumundoBegone (mirror)
Sla dit op op je bureaublad.

Dubbelklik op VirtumundoBeGone.exe en volg de aanwijzingen.
Schrik niet als je een blauw scherm met een foutmelding te zien krijgt - dit is normaal.
Als de fix klaar is, start je de pc opnieuw op.
Plaats de inhoud van het logbestand VBG.TXT, dat nu op je bureaublad staat, hier in je volgende bericht.

Post ook een nieuw logje van Hijackthis

**timoboontjuh** · 27-05-08, 18:38

datgene wat jij zegt van dat programma werkt niet, hij kapt t niet, en geeft gelijk een melding door in dat besttand, van dat hij het niet kan vinden. help aub verder, want hij wihet niet aanpakken.

**smeenk** · 27-05-08, 18:45

Installeer unlocker eens : http://ccollomb.free.fr/unlocker/

Probeer daarna dit bestand te vinden met je verkenner:
C:\WINDOWS\System32\C:\WINDOWS\system32\ljJBsSJd.dll
Rechtklik op het bestand en kies voor het icoontje van Unlocker en daarna voor "Alles vrijgeven".
Herstart je computer en post een nieuw logje van Hijackthis

**timoboontjuh** · 27-05-08, 19:05

hier heeft u/heb je de nieuwe log van HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02:54, on 27-5-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\ATI-CPanel\atiptaxx.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\Timo\LOCALS~1\Temp\Rar$EX00.109\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [BMc6191582] Rundll32.exe "C:\WINDOWS\system32\gxhclryv.dll",s
O4 - HKLM\..\Run: [c52a261e] rundll32.exe "C:\WINDOWS\system32\hkrfnpby.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211294651609
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211306219265
O18 - Protocol: bw+0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

--
End of file - 19104 bytes

**smeenk** · 27-05-08, 19:07

Download Malwarebytes' Anti-Malware via hier of hier.

Dubbelklik mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Launch Malwarebytes' Anti-Malware, Klik daarna op "finish".
Indien een update gevonden werd, zal het die downloaden en de laatste versie installeren.
Wanneer het programma volledig up to date is, selecteer "Perform Quick Scan", daarna klik Scan.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik OK, daarna "Show Results" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik: Remove Selected.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie extra nota onderaan)
De log wordt automatisch bewaard door MBAM die je kan zien door de "Logs" tab te klikken in MBAM.
Kopieer en plak de resultaten van de log in je volgend antwoord, samen met een nieuw HijackThislog.

Extra opmerking:
Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

**timoboontjuh** · 27-05-08, 20:05

okeej bedankt alvast voor zover, hier zijn de logs van de bestanden:
de anti-mallware-log
Malwarebytes' Anti-Malware 1.12
Database versie: 791

Scan type: Snelle Scan
Objecten gescand: 50335
Verstreken tijd: 12 minute(s), 15 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 2
Registersleutels geïnfecteerd: 10
Registerwaarden geïnfecteerd: 3
Registerdata bestanden geïnfecteerd: 2
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 13

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
C:\WINDOWS\system32\hkrfnpby.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\nnnkHAqO.dll (Trojan.Vundo) -> No action taken.

Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e19efb6-92c0-42d2-ae5d-4ec6741312bf} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4e19efb6-92c0-42d2-ae5d-4ec6741312bf} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{36a66318-0b48-47a5-ad4e-1442b2c09cf1} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{99e03de2-3ee2-41dc-a447-4659d153b879} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c52a261e (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMc6191582 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Host Process (Worm.IRCBot) -> No action taken.

Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\nnnkhaqo -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\nnnkhaqo -> No action taken.

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
C:\WINDOWS\system32\hkrfnpby.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ybpnfrkh.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\nnnkHAqO.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\OqAHknnn.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\OqAHknnn.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ljJBsSJd.dll (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Timo\Local Settings\Temporary Internet Files\Content.IE5\6Y7LT5WP\css4[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Timo\Local Settings\Temporary Internet Files\Content.IE5\7MHBI1YT\kb456456[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Timo\Local Settings\Temporary Internet Files\Content.IE5\TD1LWC7L\kb456456[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Timo\Local Settings\Temporary Internet Files\Content.IE5\YLHDGLER\kb456456[1] (Trojan.Vundo) -> No action taken.
C:\WINDOWS\cookies.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\tlxqcaov.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\Fonts\a.zip (Trojan.Downloader) -> No action taken.

HijackThislog:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:09, on 27-5-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\ATI-CPanel\atiptaxx.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Timo\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {b61309f3-0708-13d8-6774-222d23ce2c0a} - {a0c2ec32-d222-4776-8d31-80703f90316b} - C:\WINDOWS\system32\idlloeup.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211294651609
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211306219265
O18 - Protocol: bw+0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

--
End of file - 19288 bytes

**smeenk** · 27-05-08, 20:39

Download dit bestand: zoek.exe
Dubbelklik het, na een tijdje opent er een logje.
Post de inhoud van dit logje in je volgende bericht

**timoboontjuh** · 27-05-08, 20:41

okee, heb ik gedaan, hier heb je de log van dat zoek.exe:
======C:\WINDOWS====
----a-w 0 2008-05-27 18:01:16 C:\WINDOWS\0.log
----a-w 13,669 2008-05-27 17:06:22 C:\WINDOWS\BMc6191582.txt
----a-w 109,816 2008-05-27 16:34:07 C:\WINDOWS\BMc6191582.xml
--s-a-w 2,048 2008-05-27 18:00:46 C:\WINDOWS\bootstat.dat
----a-w 115 2008-05-27 16:21:58 C:\WINDOWS\BricoPackFoldersDelete.cmd
----a-w 5,103 2008-05-27 16:24:22 C:\WINDOWS\BricoPackUninst.txt
------r 118,784 2008-05-20 17:27:42 C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
----a-w 373 2008-05-20 18:42:40 C:\WINDOWS\cmsetacl.log
----a-w 2,864 2008-05-21 14:16:43 C:\WINDOWS\COM+.log
----a-w 159,945 2008-05-27 18:18:33 C:\WINDOWS\comsetup.log
----a-w 0 2008-05-20 14:29:44 C:\WINDOWS\control.ini
----a-w 6,968 2008-05-23 20:59:33 C:\WINDOWS\DirectX.log
----a-w 23,556 2008-05-21 05:36:05 C:\WINDOWS\DPINST.LOG
----a-w 586 2008-05-20 18:50:07 C:\WINDOWS\DtcInstall.log
----a-w 461,553 2008-05-27 18:18:33 C:\WINDOWS\FaxSetup.log
----a-w 91,330 2008-05-21 14:17:56 C:\WINDOWS\hpiins01.dat
----a-w 20,458 2008-05-21 13:14:46 C:\WINDOWS\hpoins01.dat
----a-w 9,379 2008-05-20 19:16:17 C:\WINDOWS\IDNMitigationAPIs.log
----a-w 38,108 2008-05-20 19:18:28 C:\WINDOWS\ie7.log
----a-w 23,471 2008-05-20 19:20:55 C:\WINDOWS\ie7_main.log
----a-w 71,407 2008-05-27 18:18:33 C:\WINDOWS\iis6.log
----a-w 1,374 2008-05-20 21:14:39 C:\WINDOWS\imsins.BAK
----a-w 1,374 2008-05-27 18:18:33 C:\WINDOWS\imsins.log
----a-w 4,458 2008-05-20 15:01:24 C:\WINDOWS\KB835409.log
----a-w 5,967 2008-05-20 14:49:59 C:\WINDOWS\KB842773.log
----a-w 25,110 2008-05-20 15:53:13 C:\WINDOWS\KB873333.log
----a-w 27,386 2008-05-20 15:57:23 C:\WINDOWS\KB873339.log
----a-w 32,199 2008-05-20 16:02:16 C:\WINDOWS\KB885835.log
----a-w 31,195 2008-05-20 16:01:53 C:\WINDOWS\KB885836.log
----a-w 22,316 2008-05-20 15:51:34 C:\WINDOWS\KB888302.log
----a-w 27,846 2008-05-20 15:54:33 C:\WINDOWS\KB890046.log
----a-w 212,736 2008-05-20 15:16:19 C:\WINDOWS\KB890859.log
----a-w 26,799 2008-05-20 15:55:57 C:\WINDOWS\KB891781.log
----a-w 7,335 2008-05-20 14:50:42 C:\WINDOWS\KB892130.log
----a-w 31,087 2008-05-20 15:58:44 C:\WINDOWS\KB893756.log
----a-w 8,872 2008-05-20 14:50:22 C:\WINDOWS\KB893803v2.log
----a-w 27,991 2008-05-20 15:56:22 C:\WINDOWS\KB896358.log
----a-w 29,209 2008-05-20 15:57:42 C:\WINDOWS\KB896423.log
----a-w 31,334 2008-05-20 15:59:04 C:\WINDOWS\KB896424.log
----a-w 16,238 2008-05-20 15:49:37 C:\WINDOWS\KB896428.log
----a-w 8,105 2008-05-20 14:50:32 C:\WINDOWS\KB898461.log
----a-w 35,057 2008-05-20 16:03:20 C:\WINDOWS\KB899587.log
----a-w 31,331 2008-05-20 15:59:45 C:\WINDOWS\KB899591.log
----a-w 23,620 2008-05-20 15:51:22 C:\WINDOWS\KB900725.log
----a-w 31,015 2008-05-20 16:00:15 C:\WINDOWS\KB901017.log
----a-w 23,750 2008-05-20 15:52:14 C:\WINDOWS\KB901214.log
----a-w 8,714 2008-05-20 15:06:56 C:\WINDOWS\KB902400.log
----a-w 20,914 2008-05-20 15:50:46 C:\WINDOWS\KB904706.log
----a-w 24,890 2008-05-20 15:52:43 C:\WINDOWS\KB905414.log
----a-w 8,786 2008-05-20 15:07:01 C:\WINDOWS\KB905495.log
----a-w 20,314 2008-05-20 15:50:09 C:\WINDOWS\KB905749.log
----a-w 16,458 2008-05-20 15:48:44 C:\WINDOWS\KB908519.log
----a-w 21,002 2008-05-20 15:50:35 C:\WINDOWS\KB908531.log
----a-w 209,396 2008-05-20 15:16:36 C:\WINDOWS\KB910437.log
----a-w 30,134 2008-05-20 15:58:26 C:\WINDOWS\KB911280.log
----a-w 29,890 2008-05-20 15:57:58 C:\WINDOWS\KB911562.log
----a-w 12,316 2008-05-20 15:02:28 C:\WINDOWS\KB911564.log
----a-w 7,798 2008-05-20 15:49:23 C:\WINDOWS\KB911565.log
----a-w 7,301 2008-05-20 15:01:36 C:\WINDOWS\KB911567-OE6SP1-20060316.165634.log
----a-w 31,460 2008-05-20 16:00:56 C:\WINDOWS\KB911927.log
----a-w 21,221 2008-05-20 15:51:00 C:\WINDOWS\KB912919.log
----a-w 20,143 2008-05-20 15:49:55 C:\WINDOWS\KB913580.log
----a-w 27,902 2008-05-20 15:53:51 C:\WINDOWS\KB914388.log
----a-w 16,574 2008-05-20 15:48:30 C:\WINDOWS\KB914389.log
----a-w 15,890 2008-05-20 15:04:07 C:\WINDOWS\KB914798.log
----a-w 3,068 2008-05-20 19:14:49 C:\WINDOWS\KB915865.log
----a-w 26,255 2008-05-20 15:53:29 C:\WINDOWS\KB917344.log
----a-w 23,451 2008-05-20 15:51:49 C:\WINDOWS\KB917422.log
----a-w 12,451 2008-05-20 15:02:13 C:\WINDOWS\KB917734.log
----a-w 24,026 2008-05-20 15:52:27 C:\WINDOWS\KB917953.log
----a-w 10,300 2008-05-20 15:02:52 C:\WINDOWS\KB918439-IE6SP1-20060530.145346.log
----a-w 11,289 2008-05-20 15:01:52 C:\WINDOWS\KB918899-IE6SP1-20060725.123917.log
----a-w 27,309 2008-05-20 15:54:14 C:\WINDOWS\KB919007.log
----a-w 27,345 2008-05-20 15:56:08 C:\WINDOWS\KB920670.log
----a-w 19,323 2008-05-20 15:48:37 C:\WINDOWS\KB920683.log
----a-w 30,906 2008-05-20 15:59:25 C:\WINDOWS\KB920685.log
----a-w 28,569 2008-05-20 15:56:56 C:\WINDOWS\KB921398.log
----a-w 32,070 2008-05-20 16:01:17 C:\WINDOWS\KB921883.log
----a-w 30,705 2008-05-20 16:00:37 C:\WINDOWS\KB922616.log
----a-w 33,475 2008-05-20 16:02:36 C:\WINDOWS\KB922819.log
----a-w 21,321 2008-05-20 15:52:03 C:\WINDOWS\KB923191.log
----a-w 32,086 2008-05-20 16:01:35 C:\WINDOWS\KB923414.log
----a-w 34,230 2008-05-20 16:03:00 C:\WINDOWS\KB924191.log
----a-w 28,386 2008-05-20 15:57:11 C:\WINDOWS\KB924496.log
----a-w 10,257 2008-05-20 15:03:48 C:\WINDOWS\KB925486-IE6SP1-20060918.120000.log
----a-w 11,672 2008-05-20 21:14:39 C:\WINDOWS\KB941569.log
----a-w 18,352 2008-05-27 18:18:33 C:\WINDOWS\KB942763.log
----a-w 48,431 2008-05-20 19:20:53 C:\WINDOWS\KB947864-IE7.log
----a-w 3,244 2008-05-20 19:39:12 C:\WINDOWS\MSCompPackV1.log
----a-w 23,508 2008-05-27 18:18:33 C:\WINDOWS\msgsocm.log
----a-w 9,051 2008-05-20 19:15:36 C:\WINDOWS\NLSDownlevelMapping.log
----a-w 0 2008-05-20 14:47:22 C:\WINDOWS\nsreg.dat
----a-w 96,035 2008-05-27 18:18:33 C:\WINDOWS\ntdtcsetup.log
----a-w 239,037 2008-05-27 18:18:33 C:\WINDOWS\ocgen.log
----a-w 26,533 2008-05-27 18:18:33 C:\WINDOWS\ocmsn.log
----a-w 395 2008-05-20 15:34:21 C:\WINDOWS\ODBC.INI
----a-w 4,207 2008-05-20 14:29:30 C:\WINDOWS\ODBCINST.INI
----a-w 1,523 2008-05-20 18:50:11 C:\WINDOWS\OEWABLog.txt
----a-w 22 2008-05-27 17:03:37 C:\WINDOWS\pskt.ini
----a-w 1,409 2008-05-21 15:19:45 C:\WINDOWS\QTFont.for
---ha-w 54,156 2008-05-27 18:01:04 C:\WINDOWS\QTFont.qfn
----a-w 8,192 2008-05-20 14:32:25 C:\WINDOWS\REGLOCS.OLD
----a-w 1,672 2008-05-20 16:21:20 C:\WINDOWS\regopt.log
----a-w 8,122 2008-05-27 18:00:03 C:\WINDOWS\SchedLgU.Txt
----a-w 1,536 2008-05-20 18:42:26 C:\WINDOWS\sessmgr.setup.log
----a-w 185,008 2008-05-20 14:49:49 C:\WINDOWS\setupact.log
----a-w 910,857 2008-05-27 18:18:33 C:\WINDOWS\setupapi.log
----a-w 0 2008-05-20 16:20:24 C:\WINDOWS\setuperr.log
----a-w 736,248 2008-05-20 18:49:38 C:\WINDOWS\setuplog.txt
----a-w 140,827 2008-05-20 20:15:24 C:\WINDOWS\spupdsvc.log
----a-w 187 2008-05-20 18:49:51 C:\WINDOWS\spupdsvc.log.1.log
----a-w 0 2008-05-20 16:23:25 C:\WINDOWS\Sti_Trace.log
----a-w 985,020 2008-05-20 18:44:57 C:\WINDOWS\svcpack.log
------w 231 2008-05-20 16:21:19 C:\WINDOWS\system.ini
----a-w 181,208 2008-05-27 18:18:33 C:\WINDOWS\tsoc.log
----a-w 176,133 2008-05-20 21:14:29 C:\WINDOWS\updspapi.log
----a-w 36 2008-05-20 14:26:41 C:\WINDOWS\vb.ini
----a-w 37 2008-05-20 14:26:41 C:\WINDOWS\vbaddin.ini
----a-w 2,064 2008-05-20 15:55:49 C:\WINDOWS\vminst.log
----a-w 159 2008-05-27 18:01:12 C:\WINDOWS\wiadebug.log
----a-w 49 2008-05-27 18:01:10 C:\WINDOWS\wiaservc.log
----a-w 716 2008-05-27 10:07:33 C:\WINDOWS\win.ini
----a-w 280 2008-05-20 14:29:12 C:\WINDOWS\Windows Update.log
---ha-r 749 2008-05-20 14:28:33 C:\WINDOWS\WindowsShell.Manifest
----a-w 1,727,235 2008-05-27 18:18:35 C:\WINDOWS\WindowsUpdate.log
----a-w 26,657 2008-05-20 19:37:08 C:\WINDOWS\WMFDist11.log
----a-w 18,689 2008-05-20 19:38:58 C:\WINDOWS\wmp11.log
----a-w 8,238 2008-05-21 14:50:39 C:\WINDOWS\wmsetup.log
----a-w 596 2008-05-20 19:42:16 C:\WINDOWS\wmsetup10.log
----a-w 316,640 2008-05-20 19:37:03 C:\WINDOWS\WMSysPr9.prx
----a-w 299,552 2008-05-20 14:29:40 C:\WINDOWS\WMSysPrx.prx
----a-w 10,820 2008-05-20 19:35:19 C:\WINDOWS\Wudf01000Inst.log
----a-w 2,560 2008-05-27 15:39:05 C:\WINDOWS\_MSRSTRT.EXE

Entries: 133 (130)
Directories: 0 Files: 133
Bytes: 9,189,055 Blocks: 18,012
======C:\WINDOWS\system32=====
----a-w 237 2008-05-20 14:31:42 C:\WINDOWS\System32\$winnt$.inf
----a-w 16,832 2008-05-20 19:38:55 C:\WINDOWS\System32\amcompat.tlb
----a-w 108,544 2008-05-26 12:42:12 C:\WINDOWS\System32\awxsgllb.dll
---ha-r 749 2008-05-20 14:28:33 C:\WINDOWS\System32\cdplayer.exe.manifest
----a-w 0 2008-05-27 17:02:53 C:\WINDOWS\System32\clkcnt.txt
----a-w 2,845 2008-05-20 14:29:44 C:\WINDOWS\System32\CONFIG.NT
----a-w 3,580 2008-05-20 21:35:44 C:\WINDOWS\System32\d3d9caps.dat
----a-w 21,748 2008-05-20 14:26:53 C:\WINDOWS\System32\emptyregdb.dat
----a-w 200,144 2008-05-21 14:17:24 C:\WINDOWS\System32\FNTCACHE.DAT
----a-w 110,592 2008-05-27 16:53:58 C:\WINDOWS\System32\gxhclryv.dll
----a-w 0 2008-05-20 16:24:11 C:\WINDOWS\System32\h323log.txt
------w 97,280 2008-05-27 17:54:30 C:\WINDOWS\System32\hkrfnpby.dll
----a-w 117,760 2008-05-26 12:44:59 C:\WINDOWS\System32\idlloeup.dll
----a-w 298,104 2008-05-20 17:11:22 C:\WINDOWS\System32\imon.dll
----a-w 274 2008-05-26 16:46:06 C:\WINDOWS\System32\imon1.dat
----a-w 45 2008-05-20 15:12:59 C:\WINDOWS\System32\initdebug.nfo
--sha-w 1,404,699 2008-05-25 11:56:03 C:\WINDOWS\System32\jgdopjsc.ini
--sh--w 1,404,699 2008-05-25 11:55:57 C:\WINDOWS\System32\jgdopjsc.tmp
----a-w 6,341 2008-05-24 19:20:09 C:\WINDOWS\System32\jupdate-1.6.0_06-b02.log
--sh--w 1,404,639 2008-05-25 11:55:17 C:\WINDOWS\System32\kkkillcg.ini
---ha-r 488 2008-05-20 14:28:39 C:\WINDOWS\System32\logonui.exe.manifest
----a-w 12,632 2008-05-16 09:58:04 C:\WINDOWS\System32\lsdelete.exe
----a-w 6,586 2008-05-22 17:42:41 C:\WINDOWS\System32\lvcoinst.log
--sh--w 1,404,939 2008-05-26 12:41:11 C:\WINDOWS\System32\mbxshjgb.ini
----a-w 143 2008-05-27 15:41:52 C:\WINDOWS\System32\mcrh.tmp
----a-w 16,863,864 2008-05-09 12:35:06 C:\WINDOWS\System32\MRT.exe
---ha-r 749 2008-05-20 14:28:33 C:\WINDOWS\System32\ncpa.cpl.manifest
------w 370,688 2008-05-27 17:54:30 C:\WINDOWS\System32\nnnkHAqO.dll
----a-w 23,392 2008-05-20 19:38:55 C:\WINDOWS\System32\nscompat.tlb
---ha-r 749 2008-05-20 14:28:33 C:\WINDOWS\System32\nwc.cpl.manifest
----a-w 63,188 2008-05-21 14:15:49 C:\WINDOWS\System32\perfc009.dat
----a-w 82,192 2008-05-21 14:15:49 C:\WINDOWS\System32\perfc013.dat
----a-w 403,968 2008-05-21 14:15:49 C:\WINDOWS\System32\perfh009.dat
----a-w 468,568 2008-05-21 14:15:49 C:\WINDOWS\System32\perfh013.dat
----a-w 991,480 2008-05-21 14:15:49 C:\WINDOWS\System32\PerfStringBackup.INI
----a-w 11,482 2008-05-20 16:37:09 C:\WINDOWS\System32\PQ_DEBUG.TXT
---ha-r 749 2008-05-20 14:28:33 C:\WINDOWS\System32\sapi.cpl.manifest
----a-w 110,592 2008-05-27 15:38:12 C:\WINDOWS\System32\sjtthgwv.dll
----a-w 269 2008-05-20 18:49:50 C:\WINDOWS\System32\spupdwxp.log
----a-w 138,760 2008-05-27 18:18:26 C:\WINDOWS\System32\TZLog.log
----a-w 147,456 2008-05-25 10:52:36 C:\WINDOWS\System32\vbzip10.dll
---ha-r 488 2008-05-20 14:28:39 C:\WINDOWS\System32\WindowsLogon.manifest
----a-w 25,065 2008-05-20 14:33:41 C:\WINDOWS\System32\wmpscheme.xml
----a-w 2,206 2008-05-25 19:42:53 C:\WINDOWS\System32\wpa.dbl
---ha-r 749 2008-05-20 14:28:33 C:\WINDOWS\System32\wuaucpl.cpl.manifest
--sh--w 1,417,941 2008-05-26 21:10:43 C:\WINDOWS\System32\xtajxiws.ini
--sh--w 1,404,759 2008-05-25 14:50:48 C:\WINDOWS\System32\yeynonuf.ini

Entries: 47 (34)
Directories: 0 Files: 47
Bytes: 29,153,254 Blocks: 56,958
======C:\WINDOWS\system32\drivers=====
----a-w 82,380 2008-05-21 13:14:33 C:\WINDOWS\System32\drivers\AFS2K.SYS
----a-w 512,096 2008-05-20 17:11:22 C:\WINDOWS\System32\drivers\amon.sys
----a-w 12,960 2008-04-29 09:19:50 C:\WINDOWS\System32\drivers\Awrtpd.sys
----a-w 15,648 2008-04-29 09:19:54 C:\WINDOWS\System32\drivers\Awrtrd.sys
----a-w 0 2008-05-27 18:00:37 C:\WINDOWS\System32\drivers\logiflt.iad
----a-w 0 2008-05-27 18:00:40 C:\WINDOWS\System32\drivers\lvuvc.hs
----a-w 15,864 2008-05-05 18:46:32 C:\WINDOWS\System32\drivers\mbam.sys
----a-w 27,048 2008-05-05 18:46:36 C:\WINDOWS\System32\drivers\mbamcatchme.sys
----a-w 15,424 2008-05-20 17:11:21 C:\WINDOWS\System32\drivers\nod32drv.sys
----a-w 15,648 2008-04-29 09:20:00 C:\WINDOWS\System32\drivers\NSDriver.sys

Entries: 10 (10)
Directories: 0 Files: 10
Bytes: 697,068 Blocks: 1,365
=======C:\Program Files=====
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0
=======C:=====
----a-w 0 2008-05-20 14:29:46 C:\AUTOEXEC.BAT
--sha-r 211 2008-05-20 15:13:45 C:\boot.ini
----a-w 0 2008-05-20 14:29:44 C:\CONFIG.SYS
----a-w 38 2008-05-21 14:48:42 C:\CTJINI.INI
----a-w 1,063 2008-05-21 14:49:06 C:\drvpnp.dat
----a-w 488 2008-05-25 19:49:53 C:\hpfr5550.xml
--sha-r 0 2008-05-20 14:29:44 C:\IO.SYS
--sha-r 0 2008-05-20 14:29:44 C:\MSDOS.SYS
--sha-r 47,564 2008-05-20 15:09:54 C:\NTDETECT.COM
--sha-r 251,712 2008-05-20 18:34:19 C:\ntldr
--sha-w 2,145,386,496 2008-05-27 18:00:38 C:\pagefile.sys
----a-w 546 2008-05-21 14:48:56 C:\pnpID.dat
----a-w 185 2008-05-20 14:38:21 C:\temp.log

Entries: 13 (7)
Directories: 0 Files: 13
Bytes: 2,145,688,303 Blocks: 4,190,802
======C:\Documents and Settings\Timo\Application Data======
--sha-w 62 2008-05-20 16:20:55 C:\Documents and Settings\Timo\Application Data\desktop.ini

Entries: 1 (0)
Directories: 0 Files: 1
Bytes: 62 Blocks: 1
======C:\Temp======
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0
======C:\Documents and Settings\Timo======
----a-w 0 2008-05-20 15:12:57 C:\Documents and Settings\Timo\initdebug.nfo
----a-w 2,359,296 2008-05-27 18:00:00 C:\Documents and Settings\Timo\NTUSER.DAT
---ha-w 315,392 2008-05-27 18:40:33 C:\Documents and Settings\Timo\ntuser.dat.LOG
--sh--w 288 2008-05-27 18:00:00 C:\Documents and Settings\Timo\ntuser.ini

Entries: 4 (2)
Directories: 0 Files: 4
Bytes: 2,674,976 Blocks: 5,225
======C:\WINDOWS\Downloaded Program Files====
---h--w 65 2008-05-20 14:28:39 C:\WINDOWS\Downloaded Program Files\desktop.ini

Entries: 1 (0)
Directories: 0 Files: 1
Bytes: 65 Blocks: 1
=============

**smeenk** · 27-05-08, 20:48

Open een kladblokbestand.
Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

@ECHO OFF
IF EXIST log.txt DEL log.txt
ECHO Deleting files>>log.txt
FOR %%g in (
C:\WINDOWS\BMc6191582.txt
C:\WINDOWS\BMc6191582.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\System32\awxsgllb.dll
C:\WINDOWS\System32\clkcnt.txt
C:\WINDOWS\System32\gxhclryv.dll
C:\WINDOWS\System32\hkrfnpby.dll
C:\WINDOWS\System32\idlloeup.dll
C:\WINDOWS\System32\jgdopjsc.ini
C:\WINDOWS\System32\jgdopjsc.tmp
C:\WINDOWS\System32\kkkillcg.ini
C:\WINDOWS\System32\mbxshjgb.ini
C:\WINDOWS\System32\mcrh.tmp
C:\WINDOWS\System32\nnnkHAqO.dll
C:\WINDOWS\System32\sjtthgwv.dll
C:\WINDOWS\System32\xtajxiws.ini
C:\WINDOWS\System32\yeynonuf.ini
C:\WINDOWS\System32\drivers\logiflt.iad
C:\WINDOWS\System32\drivers\lvuvc.hs) DO (
DEL /Q %%gNUCIA
IF EXIST %%g (
ATTRIB -r -s -h %%g
DEL %%g
REN %%g *NUCIA
IF EXIST %%gNUCIA (
ECHO renamed to %%gNUCIA>>log.txt)
IF EXIST %%g (
ECHO %%g not deleted>>log.txt
) ELSE (
ECHO %%g deleted>>log.txt)
) ELSE (
ECHO %%g not found>>log.txt))
START NOTEPAD.EXE log.txt

Ga naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: Bureaublad
Bij "Bestandsnaam" zet je: del.bat
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.

Dubbelklik op del.bat en post de inhoud van de logfile die opent.

**timoboontjuh** · 27-05-08, 20:51

hier hebben we hem weer, een log:
Deleting files
C:\WINDOWS\BMc6191582.txt deleted
C:\WINDOWS\BMc6191582.xml deleted
C:\WINDOWS\pskt.ini deleted
C:\WINDOWS\System32\awxsgllb.dll deleted
C:\WINDOWS\System32\clkcnt.txt deleted
C:\WINDOWS\System32\gxhclryv.dll deleted
C:\WINDOWS\System32\hkrfnpby.dll deleted
renamed to C:\WINDOWS\System32\idlloeup.dllNUCIA
C:\WINDOWS\System32\idlloeup.dll deleted
C:\WINDOWS\System32\jgdopjsc.ini deleted
C:\WINDOWS\System32\jgdopjsc.tmp deleted
C:\WINDOWS\System32\kkkillcg.ini deleted
C:\WINDOWS\System32\mbxshjgb.ini deleted
C:\WINDOWS\System32\mcrh.tmp deleted
C:\WINDOWS\System32\nnnkHAqO.dll deleted
C:\WINDOWS\System32\sjtthgwv.dll deleted
C:\WINDOWS\System32\xtajxiws.ini deleted
C:\WINDOWS\System32\yeynonuf.ini deleted
C:\WINDOWS\System32\drivers\logiflt.iad deleted
C:\WINDOWS\System32\drivers\lvuvc.hs deleted

**smeenk** · 27-05-08, 22:00

Download Deckard's System Scanner naar je Bureaublad.

Sluit alle toepassingen en vensters.
Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
Kopiëer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
- zorg dat sigcheck.exe toestemming krijgt om dit te doen !
Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

**timoboontjuh** · 27-05-08, 22:15

Deckard's System Scanner v20071014.68
Run by Timo on 2008-05-27 22:05:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
20: 2008-05-27 20:05:40 UTC - RP55 - Deckard's System Scanner Restore Point
19: 2008-05-27 18:58:44 UTC - RP54 - Installed Compatibility Pack for the 2007 Office system
18: 2008-05-27 18:18:06 UTC - RP53 - Software Distribution Service 3.0
17: 2008-05-27 16:21:57 UTC - RP52 - BricoPack Automatic Restore Point
16: 2008-05-26 18:32:20 UTC - RP51 - Ad-Aware Restore Point 2008-05-26 20:32:16

-- First Restore Point --
1: 2008-05-25 11:18:29 UTC - RP36 - Controlepunt van systeem

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-27 22:07:21
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\explorer.exe
C:\ATI-CPanel\atiptaxx.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\WINDOWS\system32\wscntfy.exe
D:\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {b61309f3-0708-13d8-6774-222d23ce2c0a} - {a0c2ec32-d222-4776-8d31-80703f90316b} - C:\WINDOWS\system32\idlloeup.dll (file missing)
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211294651609
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211306219265
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0884c03c-91a7-4c94-affc-fa6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: offline-8876480 - {0884C03C-91A7-4C94-AFFC-FA6079213490} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\ESET\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE

--
End of file - 20297 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service (Bonjour-service) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-05-25 12:54:15 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

-- Files created between 2008-04-27 and 2008-05-27 -----------------------------

2008-05-27 20:58:36 0 d-------- C:\Program Files\MSECache
2008-05-27 20:18:14 0 d-------- C:\WINDOWS\LastGood
2008-05-27 19:38:45 0 d-------- C:\Documents and Settings\Timo\Application Data\Malwarebytes
2008-05-27 19:38:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-27 19:38:36 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-27 18:51:02 0 d-------- C:\Documents and Settings\Timo\Application Data\Desktopicon
2008-05-27 18:21:58 115 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-05-27 18:21:09 0 d-------- C:\WINDOWS\BricoPacks
2008-05-27 17:39:05 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-05-27 12:04:58 0 d-------- C:\Program Files\Stardock
2008-05-26 19:22:33 0 d-------- C:\Program Files\Lavasoft
2008-05-26 19:22:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-26 19:21:36 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-26 18:53:51 0 d--h----- C:\WINDOWS\PIF
2008-05-25 12:53:59 0 d-------- C:\Program Files\Apple Software Update
2008-05-25 12:52:36 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>
2008-05-24 21:20:47 0 d-------- C:\Documents and Settings\Timo\Application Data\LimeWire
2008-05-24 21:20:19 0 d-------- C:\Program Files\Sun
2008-05-22 18:53:52 0 d-------- C:\Documents and Settings\Timo\Application Data\GrabIt
2008-05-22 18:46:48 0 d-------- C:\Program Files\GrabIt
2008-05-21 22:35:19 0 d-------- C:\WINDOWS\system32\NtmsData
2008-05-21 17:19:31 0 d-------- C:\Documents and Settings\Timo\Application Data\Apple Computer
2008-05-21 17:19:00 0 d-------- C:\Program Files\iPod
2008-05-21 17:18:51 0 d-------- C:\Program Files\iTunes
2008-05-21 17:18:27 0 d-------- C:\Program Files\Bonjour
2008-05-21 17:17:04 0 d-------- C:\Program Files\QuickTime
2008-05-21 17:17:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-21 17:15:33 0 d-------- C:\Program Files\Common Files\Apple
2008-05-21 17:15:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-05-21 17:11:36 0 d-------- C:\Documents and Settings\Timo\Application Data\WinRAR
2008-05-21 16:54:43 217088 --a------ C:\WINDOWS\Alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing driver Tool>
2008-05-21 16:54:37 4124352 -ra------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS <Not Verified; Realtek Semiconductor Corp.; Windows (R) WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)>
2008-05-21 16:53:56 10528768 --a------ C:\WINDOWS\system32\RTLCPL.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek Audio Sound Effect Manager>
2008-05-21 16:53:56 0 d-------- C:\Program Files\Realtek AC97
2008-05-21 16:53:52 577536 --a------ C:\WINDOWS\SOUNDMAN.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek Sound Manager>
2008-05-21 16:53:51 147456 --a------ C:\WINDOWS\system32\RTLCPAPI.dll <Not Verified; ; RtlCPAPI Module>
2008-05-21 16:53:49 315392 --a------ C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Update driver Tool>
2008-05-21 16:48:41 0 d-------- C:\$CTJX
2008-05-21 16:47:47 1063 --a------ C:\drvpnp.dat
2008-05-21 16:28:12 0 d-------- C:\Documents and Settings\Timo\Application Data\HP
2008-05-21 16:18:09 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-05-21 16:00:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-05-21 16:00:51 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-05-21 15:58:42 0 d-------- C:\Program Files\Common Files\HP
2008-05-21 15:52:01 0 d-------- C:\Program Files\HP
2008-05-21 15:20:21 0 --------- C:\WINDOWS\hpimdl01.dat
2008-05-21 15:20:21 91330 --a------ C:\WINDOWS\hpiins01.dat
2008-05-21 15:15:57 0 d-------- C:\Documents and Settings\Timo\Application Data\Hewlett-Packard
2008-05-21 15:14:33 82380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS <Not Verified; Oak Technology Inc.; AFS>
2008-05-21 15:10:29 73728 --a------ C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
2008-05-21 15:06:30 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-05-21 15:05:17 0 d-------- C:\Program Files\Hewlett-Packard
2008-05-21 15:03:21 16622 --------- C:\WINDOWS\hpomdl01.dat
2008-05-21 15:03:21 20458 --a------ C:\WINDOWS\hpoins01.dat
2008-05-20 23:25:46 3580 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-20 23:24:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
2008-05-20 22:52:36 0 d-------- C:\WINDOWS\system32\URTTemp
2008-05-20 21:38:34 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-20 21:35:14 0 d-------- C:\WINDOWS\system32\LogFiles
2008-05-20 21:35:14 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-20 21:01:16 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-20 20:49:34 0 d-------- C:\WINDOWS\Prefetch
2008-05-20 20:41:15 0 d-------- C:\WINDOWS\system32\nl-nl
2008-05-20 20:41:14 0 d-------- C:\WINDOWS\system32\nl
2008-05-20 20:41:14 0 d-------- C:\WINDOWS\l2schemas
2008-05-20 20:34:51 0 d-------- C:\WINDOWS\network diagnostic
2008-05-20 19:55:33 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-20 19:55:19 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-20 19:49:29 0 d-------- C:\Program Files\Microsoft Silverlight
2008-05-20 19:25:07 0 d-------- C:\Program Files\Common Files\Logitech
2008-05-20 19:23:25 0 d-------- C:\Program Files\Common Files\LogiShrd
2008-05-20 19:23:24 0 d-------- C:\Program Files\Logitech
2008-05-20 19:23:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-05-20 19:15:39 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-05-20 19:07:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-05-20 19:05:12 0 d-------- C:\Program Files\Windows Live
2008-05-20 19:05:11 0 d-------- C:\Program Files\Messenger Plus! Live
2008-05-20 18:57:57 0 d-------- C:\Documents and Settings\Timo\Contacts
2008-05-20 18:57:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-05-20 18:57:14 0 d-------- C:\Program Files\Windows Live Toolbar
2008-05-20 18:56:11 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-05-20 18:55:53 0 d-------- C:\Program Files\MSN Messenger
2008-05-20 18:21:24 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-20 18:21:21 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-20 18:21:20 0 dr------- C:\Program Files <PROGRA~1>
2008-05-20 18:21:20 0 d-------- C:\Program Files\Common Files
2008-05-20 18:20:55 0 d--h----- C:\Documents and Settings\Default User\Sjablonen
2008-05-20 18:20:55 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-20 18:20:55 0 d--h----- C:\Documents and Settings\Default User\Onlangs geopend
2008-05-20 18:20:55 0 d--h----- C:\Documents and Settings\Default User\Netwerkprinteromgeving
2008-05-20 18:20:55 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-05-20 18:20:55 0 d-------- C:\Documents and Settings\Default User\Mijn documenten
2008-05-20 18:20:55 0 dr------- C:\Documents and Settings\Default User\Menu Start
2008-05-20 18:20:55 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-05-20 18:20:55 0 d-------- C:\Documents and Settings\Default User\Favorieten
2008-05-20 18:20:55 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-05-20 18:20:55 0 d-------- C:\Documents and Settings\Default User\Bureaublad
2008-05-20 18:20:55 0 d--h----- C:\Documents and Settings\All Users\Sjablonen
2008-05-20 18:20:55 0 dr------- C:\Documents and Settings\All Users\Menu Start
2008-05-20 18:20:55 0 d-------- C:\Documents and Settings\All Users\Favorieten
2008-05-20 18:20:55 0 dr------- C:\Documents and Settings\All Users\Documenten
2008-05-20 18:20:55 0 d-------- C:\Documents and Settings\All Users\Bureaublad
2008-05-20 18:20:41 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-20 18:20:41 0 d-------- C:\WINDOWS\system32\CatRoot
2008-05-20 18:20:35 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-20 18:20:35 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-20 18:20:35 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-20 18:20:35 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-20 18:20:16 0 d-------- C:\Documents and Settings <DOCUME~1>
2008-05-20 18:15:38 0 d-------- C:\WINDOWS
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\WinSxS
2008-05-20 18:15:38 0 dr------- C:\WINDOWS\Web
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\twain_32
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\wins
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\wbem
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\usmt
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\spool
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\ShellExt
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\Setup
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\ras
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\oobe
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\npp
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\mui
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\inetsrv
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\IME
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\icsxml
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\ias
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\export
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\drivers
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-05-20 18:15:38 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\dhcp
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\config
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\3076
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\2052
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1054
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1043
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1042
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1041
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1037
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1033
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1031
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1028
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system32\1025
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\system
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\security
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Resources
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\repair
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\mui
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\msapps
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\msagent
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Media
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\java
2008-05-20 18:15:38 0 d--h----- C:\WINDOWS\inf
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\ime
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Help
2008-05-20 18:15:38 0 dr--s---- C:\WINDOWS\Fonts
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Driver Cache
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Debug
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Cursors
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Connection Wizard
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\Config
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\AppPatch
2008-05-20 18:15:38 0 d-------- C:\WINDOWS\addins
2008-05-20 17:55:38 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-20 17:55:37 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-05-20 17:55:37 6550 --a------ C:\WINDOWS\jautoexp.dat
2008-05-20 17:55:22 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-05-20 17:55:21 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-05-20 17:33:23 0 d-------- C:\Program Files\Microsoft.NET
2008-05-20 17:32:43 0 d-------- C:\WINDOWS\SHELLNEW
2008-05-20 17:23:36 0 d-------- C:\Documents and Settings\LocalService\Menu Start
2008-05-20 17:12:59 0 d-------- C:\Program Files\SpeedFan
2008-05-20 17:12:43 0 d-------- C:\WINDOWS\provisioning
2008-05-20 17:12:43 0 d-------- C:\WINDOWS\peernet
2008-05-20 17:11:32 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-20 17:05:59 0 d-------- C:\WINDOWS\EHome
2008-05-20 16:57:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-20 16:50:27 0 d-------- C:\WINDOWS\system32\PreInstall
2008-05-20 16:50:24 0 d--h----- C:\WINDOWS\$hf_mig$
2008-05-20 16:49:44 0 d-------- C:\WINDOWS\system32\bits
2008-05-20 16:47:22 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-20 16:47:17 0 d-------- C:\Documents and Settings\Timo\Application Data\Mozilla
2008-05-20 16:44:17 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-20 16:44:11 0 d--hs---- C:\Documents and Settings\Timo\UserData
2008-05-20 16:43:55 0 d-------- C:\Documents and Settings\Timo\Application Data\Macromedia
2008-05-20 16:43:55 0 d-------- C:\Documents and Settings\Timo\Application Data\Adobe
2008-05-20 16:39:21 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-05-20 16:38:16 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-20 16:38:16 0 d-------- C:\ATI-CPanel <ATI-CP~1>
2008-05-20 16:38:11 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-20 16:36:06 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-05-20 16:35:20 546 --a------ C:\pnpID.dat
2008-05-20 16:33:44 0 d--hs---- C:\WINDOWS\Installer
2008-05-20 16:33:40 0 d-------- C:\Documents and Settings\Timo\Application Data\Identities
2008-05-20 16:33:28 0 d--h----- C:\Documents and Settings\Timo\Local Settings
2008-05-20 16:33:28 0 dr------- C:\Documents and Settings\Timo\Favorieten
2008-05-20 16:33:28 0 d--hs---- C:\Documents and Settings\Timo\Cookies
2008-05-20 16:33:28 0 d-------- C:\Documents and Settings\Timo\Bureaublad
2008-05-20 16:33:28 0 d--h----- C:\Documents and Settings\Timo\Application Data
2008-05-20 16:33:27 0 d--h----- C:\Documents and Settings\Timo\Sjablonen
2008-05-20 16:33:27 0 dr-h----- C:\Documents and Settings\Timo\SendTo
2008-05-20 16:33:27 0 dr-h----- C:\Documents and Settings\Timo\Onlangs geopend
2008-05-20 16:33:27 2359296 --a------ C:\Documents and Settings\Timo\NTUSER.DAT
2008-05-20 16:33:27 0 d--h----- C:\Documents and Settings\Timo\Netwerkprinteromgeving
2008-05-20 16:33:27 0 d--h----- C:\Documents and Settings\Timo\NetHood
2008-05-20 16:33:27 0 dr------- C:\Documents and Settings\Timo\Mijn documenten
2008-05-20 16:33:27 0 dr------- C:\Documents and Settings\Timo\Menu Start
2008-05-20 16:32:40 0 d--hs---- C:\System Volume Information <SYSTEM~1>
2008-05-20 16:32:38 229376 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-20 16:32:38 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-20 16:32:38 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-05-20 16:32:38 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-20 16:32:38 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-20 16:32:37 229376 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-20 16:32:37 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-20 16:32:37 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-05-20 16:32:37 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-20 16:32:37 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-20 16:29:56 0 d-------- C:\WINDOWS\system32\xircom
2008-05-20 16:29:56 0 d-------- C:\Program Files\microsoft frontpage
2008-05-20 16:29:52 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-20 16:29:44 0 -rahs---- C:\MSDOS.SYS
2008-05-20 16:29:44 0 -rahs---- C:\IO.SYS
2008-05-20 16:29:44 0 --a------ C:\CONFIG.SYS
2008-05-20 16:29:44 0 --a------ C:\AUTOEXEC.BAT
2008-05-20 16:28:49 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-20 16:28:40 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-20 16:28:39 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-05-20 16:28:08 0 d-------- C:\WINDOWS\system32\DirectX
2008-05-20 16:27:26 0 d---s---- C:\WINDOWS\Tasks
2008-05-20 16:27:23 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-20 16:27:18 0 d-------- C:\WINDOWS\system32\Macromed
2008-05-20 16:27:18 0 d-------- C:\WINDOWS\srchasst
2008-05-20 16:27:16 0 d-------- C:\Program Files\Movie Maker
2008-05-20 16:27:12 0 d-------- C:\WINDOWS\system32\Restore
2008-05-20 16:27:12 0 d-------- C:\WINDOWS\PCHealth
2008-05-20 16:26:53 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-20 16:26:36 0 d-------- C:\WINDOWS\Registration
2008-05-20 16:26:01 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-20 16:26:01 0 d-------- C:\Program Files\Online Services
2008-05-20 16:25:55 0 d-------- C:\Program Files\Messenger
2008-05-20 16:25:50 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-20 16:25:14 0 d-------- C:\Program Files\Windows NT
2008-05-20 16:25:11 0 d-------- C:\WINDOWS\system32\MsDtc
2008-05-20 16:25:11 0 d-------- C:\WINDOWS\system32\Com

-- Find3M Report ---------------------------------------------------------------

2008-05-21 16:15:49 468568 --a------ C:\WINDOWS\system32\perfh013.dat
2008-05-21 16:15:49 82192 --a------ C:\WINDOWS\system32\perfc013.dat
2008-05-20 18:20:55 62 --ahs---- C:\Documents and Settings\Timo\Application Data\desktop.ini
2008-04-14 19:02:58 1037312 --a------ C:\WINDOWS\explorers_original.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
2008-04-14 19:02:58 1037312 --a------ C:\WINDOWS\explorers.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a0c2ec32-d222-4776-8d31-80703f90316b}]
C:\WINDOWS\system32\idlloeup.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"="Ati2mdxx.exe" [04-09-2001 16:24 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [05-06-2003 12:35]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [20-05-2008 19:11]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25-10-2007 16:33]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25-10-2007 16:37]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [24-09-2005 00:08]
"SoundMan"="SOUNDMAN.EXE" [16-04-2007 15:28 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [28-03-2008 23:37]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30-03-2008 10:36]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [02-05-2008 06:15]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14-04-2008 19:02]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [20-05-2008 19:27]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [24-9-2005 0:28:44]
HP Photosmart Premier Snelstart.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [24-9-2005 1:39:30]
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [6-4-2003 0:37:10]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [6-4-2003 1:06:58]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [20-5-2008 19:27:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

-- End of Deckard's System Scanner: finished at 2008-05-27 22:10:24 ------------

**smeenk** · 27-05-08, 23:24

Verwijder dit bestand:
C:\WINDOWS\System32\idlloeup.dllNUCIA

Start Hijackthis en vink alleen de volgende regel aan:
O2 - BHO: {b61309f3-0708-13d8-6774-222d23ce2c0a} - {a0c2ec32-d222-4776-8d31-80703f90316b} - C:\WINDOWS\system32\idlloeup.dll (file missing)
Sluit alle openstaande vensters(behalve Hijackthis) en klik op de knop "Fix checked".

Download ATF cleaner (mirror)(gemaakt door Atribune)

Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij Select All.
Klik op de knop Empty Selected.

Het volgende doen als je ook FireFox als browser hebt:
Klik op tabblad "Firefox", plaats een vinkje bij Select All.
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit haalt het vinkje weer weg bij "Firefox saved passwords")
Klik op de knop Empty Selected.

Het volgende doen als je ook Opera als browser hebt:
Klik op tabblad "Opera", plaats een vinkje bij Select All.
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop Empty Selected.
Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
Kijk hier hoe je je systeemherstel moet uitschakelen.
Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

Dan denk ik dat alles weer OK is.

Groeten smeenk

**timoboontjuh** · 28-05-08, 15:09

hartstikke bedankt

ah je bent echt de beste smeenk, mijn pc is nu gered, en ik kan weer op internet zonder dat er enig iets inspringt, je bent voor mij echt een ware held.

Mededeling

word gek van internet virus

word gek van internet virus

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment