Vraag & Antwoord

Beveiliging & privacy

Hijackthis log

9 antwoorden
  • Wij hebben nu al een tijdje een error op onze computer, genaamd run-time error 75. De printer werkt hier door waarschijnlijk ook niet. Hoe komen wij hier vanaf? Dit is de hijackthis log. Dank bij voorbaat Dit is de hijackthis log: Logfile of HijackThis v1.99.1 Scan saved at 12:28:10, on 17-4-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe c:\windows\system32\explorer.exe c:\windows\explorer.exe c:\windows\system32\IEXPLORE.EXE C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\System32\hphmon05.exe C:\Program Files\Java\j2re1.4.2_06\bin\jucheck.exe C:\HP\KBD\KBD.EXE C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\ewupdater.exe C:\windows\redirect9a.exe C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\RUNDLL32.exe C:\Program Files\Common Files\CMEII\CMESys.exe C:\Program Files\Kazaa\kazaa.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AIM\aim.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\GMT\GMT.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\ntvdm.exe c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\OPLIMIT\ocrawr32.exe c:\Program Files\Norton AntiVirus\SAVScan.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\HPZipm12.exe c:\windows\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\DOCUMENTS AND SETTINGS\EIGENAAR\BUREAUBLAD\HijackThis-2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.pcxiwhkirwtl.uk/neAoZfUNBZHc/N_7oZrRYBRHO5iIfhwUNMUHeQmW2pdYRtIoc/dSOrdkz3b1nrFu.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.easywebsearch.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.easywebsearch.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - Default URLSearchHook is missing F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit32.exe, O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll O2 - BHO: (no name) - {002D2A1E-A905-E6B7-3C69-84E6C68A8291} - C:\PROGRA~1\SURFJO~1\Web Intra.exe (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL O2 - BHO: (no name) - {5BEEDFB8-34DB-E2EF-6A50-9F00025F1A5D} - C:\DOCUME~1\Eigenaar\APPLIC~1\SURFJO~1\Web Intra.exe O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll O3 - Toolbar: iMeshBar - {5345A7A9-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe" O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [easywww] C:\windows\easywww2.exe O4 - HKLM\..\Run: [ewupdater] C:\WINDOWS\ewupdater.exe O4 - HKLM\..\Run: [redirect] C:\windows\redirect9a.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY O4 - HKLM\..\Run: [P2P Networking2] C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe /AUTOSTART O4 - HKLM\..\Run: [boob deaf download kind] C:\Documents and Settings\All Users\Application Data\Sizefiveboobdeaf\32Meal.exe O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe" O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKLM\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - HKLM\..\Run: [Isoformetadent] C:\Documents and Settings\All Users\Application Data\itch barb iso for\Poke Idle.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [win roam] C:\DOCUME~1\Eigenaar\APPLIC~1\UPHOLD~1\BITS PROC FILE.exe O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - HKCU\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab O16 - DPF: {3F2705D0-C9D8-4020-A15C-E495A0050EC6} (Easywebinstaller Control) - http://s7.blingblingcontent.com/toolbarcash/activex/easywebinstaller.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) - http://acceso.masminutos.com/aplicacion.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: bw+0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
  • Gaarne de HijackThis in een aparte map zetten in niet op het bureaublad, omdat het programma back-ups maakt! Verwijder indien aanwezig in Programmainstellingen en toegang iMeshbar Ga eerst met het programma [url=www.ccleaner.com]CCleaner[/url] aan de slag, laat dit draaien in Veilige modus (bij opstarten F8 ) en laat de boel "Opschonen" Post dan een nieuwe log!
  • Bedankt dat gaan we even uitproberen! De printer doet het weer, hij was niet kapot door die error, maar omdat hij dubbel geinstalleerd was.
  • de logitech desktop manager heb je niet nodig en zo te zien heb je messenger plus met sponsors geinstalleerd
  • Ik ga er nog wel even naar kijken want er moet nog meer worden opgeschoond. Sjaak
  • [quote:9780e16657="steggel"]Ik ga er nog wel even naar kijken want er moet nog meer worden opgeschoond. Sjaak[/quote:9780e16657]vermoede het ook wel, maar dit is het minste wat ik al zag
  • iMesh is a peer-to-peer file sharing software. The software maintains a list of targeted sites and search terms. Once a match is found [b:6e1dbd7ca3]it will open a popup windows to display predetermined advertisement.[/b:6e1dbd7ca3] It can cause browser crashes after monitored form submissions. Start -> Configuratiescherm -> Software: iMesh (Verwijderen) C:\Program Files\iMesh\ compleet verwijderen. Start -> Configuratiescherm -> Software: iMesh ads support (Verwijderen) Deinstalleer MessengerPlus3, Gator en P2P Networking op de zelfde manier. MessengerPlus mag je later weer installeren maar dan zonder sponsors. Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:6e1dbd7ca3]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.easywebsearch.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.easywebsearch.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com R3 - Default URLSearchHook is missing O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll O2 - BHO: (no name) - {002D2A1E-A905-E6B7-3C69-84E6C68A8291} - C:\PROGRA~1\SURFJO~1\Web Intra.exe (file missing) O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL O2 - BHO: (no name) - {5BEEDFB8-34DB-E2EF-6A50-9F00025F1A5D} - C:\DOCUME~1\Eigenaar\APPLIC~1\SURFJO~1\Web Intra.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [easywww] C:\windows\easywww2.exe O4 - HKLM\..\Run: [ewupdater] C:\WINDOWS\ewupdater.exe O4 - HKLM\..\Run: [redirect] C:\windows\redirect9a.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [P2P Networking2] C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe /AUTOSTART O4 - HKLM\..\Run: [boob deaf download kind] C:\Documents and Settings\All Users\Application Data\Sizefiveboobdeaf\32Meal.exe O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe" O4 - HKLM\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - HKLM\..\Run: [Isoformetadent] C:\Documents and Settings\All Users\Application Data\itch barb iso for\Poke Idle.exe O4 - HKCU\..\Run: [win roam] C:\DOCUME~1\Eigenaar\APPLIC~1\UPHOLD~1\BITS PROC FILE.exe O4 - HKCU\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {3F2705D0-C9D8-4020-A15C-E495A0050EC6} (Easywebinstaller Control) - http://s7.blingblingcontent.com/toolbarcash/activex/easywebinstaller.ocx [/b:6e1dbd7ca3]Sluit alle vensters behalve Hijackthis Klik op 'Fix checked' om de items te verwijderen Zorg dat de [url=http://users.pandora.be/marcvn/spyware/1117602.htm]besturingssysteembestanden en verborgen bestanden zichtbaar zijn[/url] De volgende directories/bestanden verwijderen:[b:6e1dbd7ca3] C:\Program Files\iMesh\ C:\WINDOWS\System32\P2P Networking\ C:\Program Files\WildTangent\ C:\Program Files\Common Files\CMEII\ C:\Program Files\Common Files\GMT\ C:\Documents and Settings\Eigenaar\Application Data\SURFJO~1\ C:\Documents and Settings\All Users\Application Data\Sizefiveboobdeaf\ C:\Documents and Settings\All Users\Application Data\itch barb iso for\ C:\Documents and Settings\Eigenaar\Application Data\UPHOLD~1\ C:\WINDOWS\ALCXMNTR.EXE C:\windows\easywww2.exe C:\WINDOWS\ewupdater.exe C:\windows\redirect9a.exe C:\windows\system32\mmsystem.dll C:\Windows\schedlgu.txt C:\Windows\setupapi.log C:\Windows\easywww.exe[/b:6e1dbd7ca3] Maak de Temp-map leeg: Start -> Uitvoeren tik in: %TEMP% Selecteer alle bestanden en verwijder deze. Copieer onderstaande code: [code:1:6e1dbd7ca3] dir /a:h C:\Windows\Tasks >jobs.txt start jobs.txt [/code:1:6e1dbd7ca3] Plak dit in notepad. Sla dit op je bureaublad op als [b:6e1dbd7ca3]job.bat[/b:6e1dbd7ca3] Opslaan als type: [b:6e1dbd7ca3]Alle bestanden[/b:6e1dbd7ca3] Dubbelklik op het bestand job.bat en post de inhoud tesamen met een nieuw log van hijackthis. Sjaak
  • ok ik heb het geprobeert! Dit is de inhoud van de job.bat; De volumenaam van station C is HP_PAVILION Het volumenummer is 10D2-52C6 Map van C:\Windows\Tasks 18-04-2005 17:00 234 A1ACBF7491873458.job 18-04-2005 17:00 270 A26FE14391849B5B.job 18-04-2005 17:00 234 A28876019187EA25.job 24-09-2003 07:30 65 desktop.ini 18-04-2005 17:33 6 SA.DAT 5 bestand(en) 809 bytes 0 map(pen) 175.467.970.560 bytes beschikbaar en dit is de inhoud van de hijackthis log: Logfile of HijackThis v1.99.1 Scan saved at 17:58:03, on 18-4-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe c:\windows\system32\explorer.exe c:\windows\explorer.exe c:\windows\system32\IEXPLORE.EXE C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Java\j2re1.4.2_06\bin\jucheck.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\ewupdater.exe C:\windows\redirect9a.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Kazaa\kazaa.exe C:\WINDOWS\system32\RUNDLL32.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\AIM\aim.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\ntvdm.exe c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe c:\Program Files\Norton AntiVirus\navapsvc.exe C:\OPLIMIT\ocrawr32.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe c:\Program Files\Norton AntiVirus\SAVScan.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wuauclt.exe c:\windows\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Eigenaar\Bureaublad\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.pcxiwhkirwtl.uk/neAoZfUNBZHc/N_7oZrRYBRHO5iIfhwUNMUHeQmW2pdYRtIoc/dSOrdkz3b1nrFu.jsp R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit32.exe, O2 - BHO: (no name) - {002D2A1E-A905-E6B7-3C69-84E6C68A8291} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe" O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ewupdater] C:\WINDOWS\ewupdater.exe O4 - HKLM\..\Run: [redirect] C:\windows\redirect9a.exe O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKLM\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - HKLM\..\RunOnce: [iMeshBar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2 O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\Eigenaar\LOCALS~1\Temp\MsgPlusUninst.bat" O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) - http://acceso.masminutos.com/aplicacion.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: bw+0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {D9F03B84-9F0E-464C-9167-05FA4EF8046C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
  • Je hebt waarschijnlijk na het verwijderen van iMesh de PC nog niet herstart. Ik zie namelijk een een regel staan voor het verwijderen van de software, maar dat zal wel goed komen. Ik zie dat Kazaa bij de actieve processen aanwezig is. Kijk vanavond nog eens op deze site: http://www.spywareinfo.com/articles/p2p/ Mijn advies is om Kazaa te deinstalleren. Copieer onderstaande code: [code:1:7ee0a73ebc] cd \Windows\Tasks del /a:h A1ACBF7491873458.job del /a:h A26FE14391849B5B.job del /a:h A28876019187EA25.job[/code:1:7ee0a73ebc] Plak de code in Notepad Sla dit op je bureaublad op als [b:7ee0a73ebc]remjobs.bat[/b:7ee0a73ebc] Opslaan als type: [b:7ee0a73ebc]Alle bestanden[/b:7ee0a73ebc] Dubbel klik op het bestand remjobs.bat Onderstaande fix moet je in VEILIGE MODE uitvoeren. Kijk [url=http://users.pandora.be/marcvn/spyware/1378056.htm]hier[/url] als je niet weet hoe dat moet. Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:7ee0a73ebc]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.pcxiwhkirwtl.uk/neAoZfUNBZHc/N_7oZrRYBRHO5iIfhwUNMUHeQmW2pdYRtIoc/dSOrdkz3b1nrFu.jsp O2 - BHO: (no name) - {002D2A1E-A905-E6B7-3C69-84E6C68A8291} - (no file) O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [ewupdater] C:\WINDOWS\ewupdater.exe O4 - HKLM\..\Run: [redirect] C:\windows\redirect9a.exe O4 - HKLM\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O4 - HKCU\..\Run: [MMSystem] c:\windows\rundll32.exe "c:\windows\system32\mmsystem.dll"", RunDll32 O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab [/b:7ee0a73ebc]Klik op 'Fix checked' om de items te verwijderen Zorg dat de [url=http://users.pandora.be/marcvn/spyware/1117602.htm]besturingssysteembestanden en verborgen bestanden zichtbaar zijn[/url] De volgende directories/bestanden verwijderen: C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\ewupdater.exe C:\windows\redirect9a.exe c:\windows\system32\mmsystem.dll Herstart de PC in normale mode en voer het programma job.bat nog een keer uit. Post de inhoud tesamen met een nieuw log van hijackthis. Sjaak

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.