schorvoort
-
Items
9 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door schorvoort
-
-
Geen wonder dat er problemen voorkomen op deze PC, zit vol met ongewenste "beestjes"
Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:
R3 - URLSearchHook: (no name) - {4718115F-DCB1-894D-C809-D998BE16F7BF} - C:\WINDOWS\System32\xamjrqd.dll (file missing)
O2 - BHO: System - {D1C8F9CE-563E-11D8-813C-005022E14DE3} - C:\Program Files\LNM Client\AddAPI.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [iehelper] C:\Program Files\syslaunch.exe
O4 - HKLM\..\Run: [systray] C:\WINDOWS\System32\a.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\System32\
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\ajobjoap.exe
O4 - HKLM\..\Run: [savePokeOwnsMeal] C:\Documents and Settings\All Users\Application Data\Software Readme Save Poke\Lies Test.exe
O4 - HKLM\..\Run: [syschk] syschk.exe /fastcheck
O4 - HKLM\..\Run: [nethm.exe] C:\WINDOWS\system32\nethm.exe
O4 - HKLM\..\Run: [winbw.exe] C:\WINDOWS\system32\winbw.exe
O4 - HKLM\..\Run: [ipjx32.exe] C:\WINDOWS\system32\ipjx32.exe
O4 - HKLM\..\Run: [hgqhp.exe] C:\WINDOWS\System32\hgqhp.exe
O4 - HKCU\..\Run: [syschk] syschk.exe /fastcheck
O4 - HKCU\..\Run: [mpegbarb] C:\DOCUME~1\Denis\APPLIC~1\LOCKSB~1\pingoozeproxy.exe
O4 - HKCU\..\Run: [Mrtc] C:\WINDOWS\System32\j?vaw.exe
O4 - HKCU\..\Run: [Tnlu] "C:\PROGRA~1\COMMON~1\WNSXS~1\msconfig.exe" -vt ndrv
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Denis\Application Data\DownloadPlus.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: LNM Client - {5D602A21-B929-11d7-A5D3-005022E14DE3} - LNM.eu : Welkom (file missing)
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.185.246
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in Trusted Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in Trusted Zone, should be Internet Zone (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{527531EF-2E09-4FC2-AF58-61B1CF324EC0}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\..\{881DE64E-1B4C-4E16-B9FB-EE17F05DE7F1}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\..\{B862C927-DC0D-4DE7-BB88-D65F4E950CAA}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26
O18 - Filter: tœ†5òÏTÆR - {E6A92098-CE89-4101-920E-8A043B066D43} - (no file)
O24 - Desktop Component 0: Security - C:\WINDOWS\desktop.html
Klik op 'Fix checked' om de items te verwijderen.
Download MBAM (Malwarebytes' Anti-Malware).
Dubbelklik op mbam-setup.exe om het programma te installeren.
Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
Daarna zal het vragen om de computeropnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.
Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.
bedankt hoor . alles is in orde na het draaien en verwijderen van hijackthis en malwarebytes . ik heb mijn windows kunnen updaten.
ik had nog ff een vraagje . hoe kun je zien op de log van hijackthis welke items moeten verwijderd worden? hoe weet je zoiets?
-
Een update die niet wil, zou (eventueel) kunnen wijzen op malware. Laat ons eens kijken met dit :
Download HiJackThis
Dubbelklik op HJTInstall.exe
Hijackthis wordt nu op je PC geïnstalleerd, een snel koppeling wordt op je bureaublad geplaatst. Klik op "Do a systemscan and save a logfile". en hang dit logje aan je volgende bericht.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:23:04, on 9/12/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
H:\photoshop\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\phonostar\ps_agent.exe
C:\Program Files\phonostar\ps_timer.exe
C:\Program Files\LNM Client\Client.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MediaKey v2.00\Versato.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
C:\Program Files\MediaKey v2.00\MePlayer.exe
C:\Program Files\MediaKey v2.00\OSD.EXE
C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad - Advertentie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {4718115F-DCB1-894D-C809-D998BE16F7BF} - C:\WINDOWS\System32\xamjrqd.dll (file missing)
O2 - BHO: System - {D1C8F9CE-563E-11D8-813C-005022E14DE3} - C:\Program Files\LNM Client\AddAPI.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\System32\pmxinit.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iehelper] C:\Program Files\syslaunch.exe
O4 - HKLM\..\Run: [systray] C:\WINDOWS\System32\a.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [] C:\WINDOWS\System32\
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\ajobjoap.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [savePokeOwnsMeal] C:\Documents and Settings\All Users\Application Data\Software Readme Save Poke\Lies Test.exe
O4 - HKLM\..\Run: [syschk] syschk.exe /fastcheck
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [nethm.exe] C:\WINDOWS\system32\nethm.exe
O4 - HKLM\..\Run: [winbw.exe] C:\WINDOWS\system32\winbw.exe
O4 - HKLM\..\Run: [PrevxHome] C:\Program Files\PREVX\Prevx Home\SAGUI.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ipjx32.exe] C:\WINDOWS\system32\ipjx32.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hgqhp.exe] C:\WINDOWS\System32\hgqhp.exe
O4 - HKLM\..\Run: [iCQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [WeatherAloud] C:\Program Files\WeatherAloud\WeatherAloud.exe -auto
O4 - HKCU\..\Run: [syschk] syschk.exe /fastcheck
O4 - HKCU\..\Run: [mpegbarb] C:\DOCUME~1\Denis\APPLIC~1\LOCKSB~1\pingoozeproxy.exe
O4 - HKCU\..\Run: [Mrtc] C:\WINDOWS\System32\j?vaw.exe
O4 - HKCU\..\Run: [Tnlu] "C:\PROGRA~1\COMMON~1\WNSXS~1\msconfig.exe" -vt ndrv
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [PhonostarAgent] C:\Program Files\phonostar\ps_agent.exe
O4 - HKCU\..\Run: [PhonostarTimer] C:\Program Files\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [LNM Client] "C:\Program Files\LNM Client\Client.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [iCQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'Default user')
O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Denis\Application Data\DownloadPlus.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Pixoria\Konfabulator\YahooWidgets.exe
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\MediaKey v2.00\Versato.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: THDetect.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: LNM Client - {5D602A21-B929-11d7-A5D3-005022E14DE3} - www.lnm.eu (file missing)
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.185.246
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in Trusted Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in Trusted Zone, should be Internet Zone (HKLM)
O16 - DPF: RaptisoftGameLoader - Games at Miniclip.com - Play Free Games
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} (AudioHandlerEmbedded) - http://cam-cityhall1.delft.nl/activex/AMC.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{527531EF-2E09-4FC2-AF58-61B1CF324EC0}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\..\{881DE64E-1B4C-4E16-B9FB-EE17F05DE7F1}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\..\{B862C927-DC0D-4DE7-BB88-D65F4E950CAA}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26
O18 - Filter: tœ†5òÏTÆR - {E6A92098-CE89-4101-920E-8A043B066D43} - (no file)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - H:\photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Prevx Agent (PrevxAgent) - Unknown owner - C:\Program Files\PREVX\Prevx Home\PXAgent.exe (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O24 - Desktop Component 0: Security - C:\WINDOWS\desktop.html
--
End of file - 13187 bytes
alvast bedankt
-
windows update lukt niet
ik heb windows xp servicepack 1 met ie 6 . ik wil overschakelen op ie 7 maar dat gaat niet omdat je dan windows servicepack 2 moet hebben .
en daar begint het probleem .als ik naar start alle programmas windows update ga opent niet de website van windowsupdate maar wel msn. com.
ik heb al vanalles geprobeerd . kan iemand me helpen?
-
ik heb heb een nieuwe laptop met vista erop waar ik voorlopig alleen op surf en nog geen programma op gedownlaod heb. maar elke dag verdwijnt er 1 tot 3 gig van de harde schijf? ik heb er naar gekeken met het programma hdgraph (dat ontleed de harde schijf en zegt hoeveel schijfruimte elk programma heeft gebruikt)
het programma geeft aan dat er 28 gig unknown services zijn. weet iemand waar dit aan zou kunnen liggen? of zou dit te verklaren zijn doordat systeemherstel elke dag een herstelpunt aanmaakt?
heeft iemand een antwoord hierop voor mij?
-
elke keer als ik msn messenger of mediaplayer naar een nieuwere versie update
krijg ik de melding c/windows/system32/sensapi.dll is geen geldige windows kopie en dan krijg ik het programma niet meer open
blijkbaar heeft het iets met windows te maken want ik heb gemerkt dat het probleem zich voortdoet bij elk programma waar windows bij betrokken is (ie explorer microsoft antyspyware) ik heb een legale windows xp op de pc staan (is getest bij www.microsoft.com/genuine ) dus daar zit het probleem niet
zou het kunnen dat er iets mis is met het dll bestand?
dank bij voorbaat
-
W4915787H4900A1106-HWHXFLFALogfile of HijackThis v1.98.2
Scan saved at 17:53:10, on 15/11/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
H:\photoshop\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
H:\photoshop\apdproxy.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\phonostar\ps_agent.exe
C:\Program Files\phonostar\ps_timer.exe
C:\Program Files\MediaKey v2.00\Versato.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Zero PopUp Killer XP\zpk_xp.exe
C:\Program Files\OpenOffice.org1.0.1\program\soffice.exe
C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
C:\Program Files\MediaKey v2.00\MePlayer.exe
C:\Program Files\MediaKey v2.00\OSD.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\exe\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.findthewebsiteyouneed.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {4718115F-DCB1-894D-C809-D998BE16F7BF} - C:\WINDOWS\System32\xamjrqd.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\System32\pmxinit.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iehelper] C:\Program Files\syslaunch.exe
O4 - HKLM\..\Run: [systray] C:\WINDOWS\System32\a.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [] C:\WINDOWS\System32\
O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\ajobjoap.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [savePokeOwnsMeal] C:\Documents and Settings\All Users\Application Data\Software Readme Save Poke\Lies Test.exe
O4 - HKLM\..\Run: [syschk] syschk.exe /fastcheck
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [nethm.exe] C:\WINDOWS\system32\nethm.exe
O4 - HKLM\..\Run: [winbw.exe] C:\WINDOWS\system32\winbw.exe
O4 - HKLM\..\Run: [PrevxHome] C:\Program Files\PREVX\Prevx Home\SAGUI.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ipjx32.exe] C:\WINDOWS\system32\ipjx32.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hgqhp.exe] C:\WINDOWS\System32\hgqhp.exe
O4 - HKLM\..\Run: [iCQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Denis\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\photoshop\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [WeatherAloud] C:\Program Files\WeatherAloud\WeatherAloud.exe -auto
O4 - HKCU\..\Run: [syschk] syschk.exe /fastcheck
O4 - HKCU\..\Run: [mpegbarb] C:\DOCUME~1\Denis\APPLIC~1\LOCKSB~1\pingoozeproxy.exe
O4 - HKCU\..\Run: [Mrtc] C:\WINDOWS\System32\j?vaw.exe
O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Tnlu] "C:\PROGRA~1\COMMON~1\WNSXS~1\msconfig.exe" -vt ndrv
O4 - HKCU\..\Run: [unSpyPC] "C:\Program Files\UnSpyPC\UnSpyPC.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [PhonostarAgent] C:\Program Files\phonostar\ps_agent.exe
O4 - HKCU\..\Run: [PhonostarTimer] C:\Program Files\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Denis\Application Data\DownloadPlus.exe
O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: Zero PoPup Killer XP.lnk = C:\Program Files\Zero PopUp Killer XP\zpk_xp.exe
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\MediaKey v2.00\Versato.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: THDetect.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Scan and protect your PC - {BF69DF00-4734-477F-8257-27CD04F88779} - C:\Program Files\UnSpyPC\UnSpyPC.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Scan and protect your PC - {BF69DF00-4734-477F-8257-27CD04F88779} - C:\Program Files\UnSpyPC\UnSpyPC.exe (file missing) (HKCU)
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.ysbweb.com
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - http://www.euroland.com/download/CfxIEAx.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} (AudioHandlerEmbedded) - http://cam-cityhall1.delft.nl/activex/AMC.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {FA6E0C2F-B2C0-11D7-A5D3-005022E14DE2} (Installer Class) - http://www.datik.be:8080/agent_be//AgentInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{527531EF-2E09-4FC2-AF58-61B1CF324EC0}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\..\{881DE64E-1B4C-4E16-B9FB-EE17F05DE7F1}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\..\{B862C927-DC0D-4DE7-BB88-D65F4E950CAA}: NameServer = 85.255.116.155,85.255.112.26
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26
O18 - Protocol: copernicdesktopsearch - {D9656C75-5090-45C3-B27E-436FBC7ACFA7} - C:\PROGRA~1\COPERN~1\COPERN~2.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O18 - Filter: tœ†5òÏTÆR - {E6A92098-CE89-4101-920E-8A043B066D43} - (no file)
-
maar ik heb alleen xp en bij alle andere software heb ik geen probleem.
wat is hyjack this voor een programma?
-
ik speel sinds kort fifa manager 08 .
bij het afsluiten van het spel krijg ik altijd een blauw scherm met de mededeling windows wordt afgesloten wegens een ernstige fout.
de mededeling is dat hij een geheugendump maakt
bij foutmelding staat er dan win32k.sys
kan iemand me hierbij helpen??
windows update
in Archief Windows Algemeen
Geplaatst:
oke hier zijn ze
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:45, on 11/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
H:\photoshop\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\phonostar\ps_agent.exe
C:\Program Files\phonostar\ps_timer.exe
C:\Program Files\LNM Client\Client.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MediaKey v2.00\Versato.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MediaKey v2.00\MePlayer.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\MediaKey v2.00\OSD.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Messenger\msmsgs.exe
C:\unzipped\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Morgen Home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [PrevxHome] C:\Program Files\PREVX\Prevx Home\SAGUI.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iCQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [WeatherAloud] C:\Program Files\WeatherAloud\WeatherAloud.exe -auto
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - HKCU\..\Run: [PhonostarAgent] C:\Program Files\phonostar\ps_agent.exe
O4 - HKCU\..\Run: [PhonostarTimer] C:\Program Files\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [LNM Client] "C:\Program Files\LNM Client\Client.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'Default user')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\MediaKey v2.00\Versato.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: THDetect.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - Games at Miniclip.com - Play Free Games
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1228915296271
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} (AudioHandlerEmbedded) - http://cam-cityhall1.delft.nl/activex/AMC.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - H:\photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Prevx Agent (PrevxAgent) - Unknown owner - C:\Program Files\PREVX\Prevx Home\PXAgent.exe (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
--
End of file - 10651 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:45, on 11/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
H:\photoshop\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\phonostar\ps_agent.exe
C:\Program Files\phonostar\ps_timer.exe
C:\Program Files\LNM Client\Client.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MediaKey v2.00\Versato.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MediaKey v2.00\MePlayer.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\MediaKey v2.00\OSD.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Messenger\msmsgs.exe
C:\unzipped\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Morgen Home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [PrevxHome] C:\Program Files\PREVX\Prevx Home\SAGUI.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iCQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [WeatherAloud] C:\Program Files\WeatherAloud\WeatherAloud.exe -auto
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - HKCU\..\Run: [PhonostarAgent] C:\Program Files\phonostar\ps_agent.exe
O4 - HKCU\..\Run: [PhonostarTimer] C:\Program Files\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [LNM Client] "C:\Program Files\LNM Client\Client.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe (User 'Default user')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\MediaKey v2.00\Versato.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: THDetect.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - Games at Miniclip.com - Play Free Games
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1228915296271
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} (AudioHandlerEmbedded) - http://cam-cityhall1.delft.nl/activex/AMC.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - H:\photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Prevx Agent (PrevxAgent) - Unknown owner - C:\Program Files\PREVX\Prevx Home\PXAgent.exe (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
--
End of file - 10651 bytes
Malwarebytes' Anti-Malware 1.31
Database versie: 1456
Windows 5.1.2600 Service Pack 1
10/12/2008 14:14:47
mbam-log-2008-12-10 (14-14-47).txt
Scan type: Snelle Scan
Objecten gescand: 123199
Verstreken tijd: 28 minute(s), 1 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 8
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 11
Mappen geïnfecteerd: 2
Bestanden geïnfecteerd: 19
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\Interface\{450b9e4d-4014-4de3-b34e-014a81468293} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f143c3a-1457-6cca-03a7-7aa23b61e40f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c7f00a9a-f1bc-436e-82c7-e8cae6fd67f7} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{3f143c3a-1457-6cca-03a7-7aa23b61e40f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37b85a2b-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Error Safe Free (Rogue.Errorsafe) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn (Hijack.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{527531ef-2e09-4fc2-af58-61b1cf324ec0}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b862c927-dc0d-4de7-bb88-d65f4e950caa}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{527531ef-2e09-4fc2-af58-61b1cf324ec0}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b862c927-dc0d-4de7-bb88-d65f4e950caa}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.155 85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{527531ef-2e09-4fc2-af58-61b1cf324ec0}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{527531ef-2e09-4fc2-af58-61b1cf324ec0}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{881de64e-1b4c-4e16-b9fb-ee17f05de7f1}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b862c927-dc0d-4de7-bb88-d65f4e950caa}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b862c927-dc0d-4de7-bb88-d65f4e950caa}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.155,85.255.112.26 -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
C:\WINDOWS\System32\?ssembly (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
Bestanden geïnfecteerd:
C:\WINDOWS\system32\qommk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kmmoq.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Installer\MSI2FA.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Installer\MSI2FB.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\AXPDefender\AXPDefender.exe.local (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
C:\Program Files\AXPDefender\database.dat (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
C:\Program Files\AXPDefender\license.txt (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.
C:\WinAVI_Video_Converter.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\d3d.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WLCtrl32.dl_ (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lich.dat (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LJJEIRAQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svcp.csv (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kernel32.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Denis\~tmp0374.exe (Trojan.Agent) -> Quarantined and deleted successfully.
alvast bedankt