Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Pc is ramp... heel traag. Nog beetje en die gaat achteruit.

pimvandenderen
5 antwoorden
  • Heb het weer zitten. Als ik PC opstart gaat die supertraag.
    Ene keer lukt het, andere keer niet. Soms tot 10 keer heropstarten eer ik eindelijk iets open krijg.
    Vb Explorer start op en slaat dan weer af. Of alles blokkeert plots en reageert PC op niets meer. Is dit frustrerend denken jullie….. ?

    Heb na veel proberen eindelijk log kunnen opslaan.
    Hopelijk kan iemand hier eens naar kijken en kan de oplossing hierin terug gevonden worden.

    Ik heb geen meldingen van virussen….. al betwijfel ik het….

    Voor diegene die moeite willen doen. Alvast merci!!

    A desperate houseman..

    [b:cc1a1e4ee5]Log[/b:cc1a1e4ee5]

    ogfile of HijackThis v1.99.1
    Scan saved at 20:52:19, on 22/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\BitTorrent\bittorrent.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
    C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
    C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
    C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsaua.exe
    C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsus.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
    C:\Program Files\Telenet Internet Security Pack\FSGUI\fsavgui.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\Client\Bureaublad\NIET AANKOMEN!!!!!hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:/
    unonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Schmap Local - {AC89BF9C-4296-476C-86BC-6CAA3B398AB5} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-be\msntabres.dll.mui/229?10cfae6a91374a4c9e374bce23df11c3
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-be\msntabres.dll.mui/230?10cfae6a91374a4c9e374bce23df11c3
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Schmap Local - {f53a1294-34c5-4e48-afbd-5f5d5f081d2a} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com
    eader/dbplugin.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - C:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  • Start Hijackthis, kies voor [i:279ada378c]'Do a system scan only'[/i:279ada378c] en vink onderstaande regels aan:
    [b:279ada378c]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com
    eader/dbplugin.cab
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    [/b:279ada378c]

    Sluit nu [u:279ada378c]alle[/u:279ada378c] openstaande vensters, behalve Hijackthis en klik op [b:279ada378c]Fix Checked[/b:279ada378c].

    Download Combofix naar je [b:279ada378c]bureaublad[/b:279ada378c]

    Dubbelklik op [u:279ada378c]combofix.exe[/u:279ada378c]
    Volg de instructies, aanvaard de disclaimer door y of Y te typen.
    Tijdens het runnen van de fix, [b:279ada378c]NIET[/b:279ada378c] in het venster klikken, want dit zal je pc doen vasthangen.

    Wanneer de fix voltooid is en na herstart, zal de log [b:279ada378c]combofix.txt[/b:279ada378c] openen. Bewaar dit logje.

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.

    Plaats in je volgende antwoord het logje van combofix ([i:279ada378c]combofix.txt[/i:279ada378c]) tesamen met een vers Hijackthis log.


    Succes!

    Pim
  • uitgevoerd zoals gevraagd.
    [b:ed4df69da9]Hier mijn log combofix[/b:ed4df69da9]

    "Client" - 2007-08-22 22:21:54 - ComboFix 07-07-03.9 - Service Pack 2


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\svchost.exe


    ((((((((((((((((((((((((( Files Created from 2007-07-22 to 2007-08-22 )))))))))))))))))))))))))))))))


    2007-08-22 22:03 <DIR> d——– C:\Program Files\XP Repair Pro 2007
    2007-08-15 00:00 221,184 –a—— C:\WINDOWS\system32\wmpns.dll
    2007-08-13 20:10 <DIR> d——– C:\Program Files\Common Files\HP
    2007-08-13 20:06 69,352 –a—— C:\WINDOWS\hpoins05.dat
    2007-08-13 20:06 581,632 -ra—— C:\WINDOWS\system32\hpotscl.dll
    2007-08-13 20:06 229,376 -ra—— C:\WINDOWS\system32\hpovst08.dll
    2007-08-13 20:06 19,696 ——— C:\WINDOWS\hpomdl05.dat
    2007-08-10 11:11 <DIR> d——– C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-08-10 11:05 271,224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-08-10 11:05 208,248 –a—— C:\WINDOWS\system32\muweb.dll
    2007-08-09 22:17 <DIR> d——– C:\WINDOWS\FLV Player
    2007-08-09 10:42 <DIR> d——– C:\DOCUME~1\Client\Contacts
    2007-08-09 10:41 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    2007-08-09 10:40 <DIR> d—-c— C:\WINDOWS\system32\DRVSTORE
    2007-08-09 10:40 <DIR> d——– C:\Program Files\Windows Live Toolbar
    2007-08-07 18:18 <DIR> d——– C:\Program Files\TechSmith
    2007-08-07 18:18 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith
    2007-08-07 18:17 <DIR> d——– C:\Program Files\Common Files\Wise Installation Wizard
    2007-08-07 11:29 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\NETg
    2007-08-07 10:22 <DIR> d——– C:\Program Files\XPRepairPro2006
    2007-08-07 09:48 <DIR> d——– C:\DOCUME~1\Gast\APPLIC~1\RegistrySmart
    2007-08-07 09:26 <DIR> d——– C:\Program Files\Azureus
    2007-08-07 09:21 <DIR> d——– C:\DOCUME~1\Client\APPLIC~1\RegistrySmart
    2007-08-07 09:16 122,880 –a—— C:\WINDOWS\RMconfig.dll
    2007-08-06 20:08 <DIR> d——– C:\WINDOWS\SxsCaPendDel
    2007-08-06 19:59 <DIR> d——– C:\Program Files\Samsung
    2007-08-06 19:59 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    2007-08-06 18:38 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion(2)
    2007-08-06 18:35 <DIR> d——– C:\Program Files\Anne Jan


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-22 20:13:21 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Skype
    2007-08-15 15:50:11 ——– d—–w C:\Program Files\Telenet Internet Security Pack
    2007-08-14 20:36:02 30,016 —-a-w C:\WINDOWS\system32\drivers\fsndis5.sys
    2007-08-14 20:36:01 51,040 —-a-w C:\WINDOWS\system32\drivers\fsdfw.sys
    2007-08-13 18:09:06 ——– d—–w C:\Program Files\Hewlett-Packard
    2007-08-12 15:37:46 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Azureus
    2007-08-09 08:40:37 ——– d—–w C:\Program Files\MSN Messenger
    2007-08-07 17:06:46 ——– d—–w C:\Program Files\Common Files\Ahead
    2007-08-07 14:36:33 94,218 —-a-w C:\WINDOWS\system32\perfc013.dat
    2007-08-07 14:36:33 493,654 —-a-w C:\WINDOWS\system32\perfh013.dat
    2007-08-07 09:55:51 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-08-07 08:20:37 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\BitTorrent
    2007-08-07 07:28:24 ——– d—–w C:\Program Files\BitTorrent
    2007-08-06 17:59:37 ——– d—–w C:\Program Files\Yahoo!
    2007-07-25 20:20:39 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Ahead
    2007-07-19 17:47:19 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\iMesh
    2007-07-07 11:59:01 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\WinRAR
    2007-07-07 11:56:16 33,952 —-a-w C:\WINDOWS\system32\drivers\oreans32.sys
    2007-07-07 11:44:55 ——– d—–w C:\Program Files\Google
    2007-07-04 07:35:44 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\SecondLife
    2007-07-04 07:24:41 163,712 —-a-w C:\WINDOWS\system32\drivers\vidstub.sys
    2007-07-04 07:19:56 ——– d—–w C:\Program Files\Common Files\Stardock
    2007-07-04 07:19:55 ——– d—–w C:\Program Files\Stardock
    2007-06-26 06:10:37 1,104,896 —-a-w C:\WINDOWS\system32\msxml3.dll
    2007-06-19 13:33:12 282,112 —-a-w C:\WINDOWS\system32\gdi32.dll
    2007-06-16 22:11:58 51,200 —-a-w C:\WINDOWS
    ircmd.exe
    2007-06-13 13:24:02 1,036,800 —-a-w C:\WINDOWS\explorer.exe
    2007-05-31 20:30:08 2,560 —-a-w C:\WINDOWS\_MSRSTRT.EXE


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    2006-06-20 08:10 61440 –a—— C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    2005-12-07 15:06 399424 –a—— C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-01-12 20:38 63128 –a—— C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 –a—— C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    2006-08-31 20:33 322368 –a—— C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2007-01-19 23:55 2403392 -ra—— c:\program files\google\googletoolbar3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC89BF9C-4296-476C-86BC-6CAA3B398AB5}]
    2007-04-02 16:46 385024 –a—— C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    2007-06-28 21:05 325048 –a—— C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2004-09-16 14:39 C:\WINDOWS\SOUNDMAN.EXE]
    "LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2005-07-11 10:44]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 09:33]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 16:49]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "BootSkin Startup Jobs"="C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 16:21]
    "F-Secure Manager"="C:\Program Files\Telenet Internet Security Pack\Common\FSM32.exe" [2007-04-26 19:12]
    "F-Secure TNB"="C:\Program Files\Telenet Internet Security Pack\FSGUI\TNBUtil.exe" [2007-04-26 19:10]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 18:20]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 21:05]
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-03-02 01:11]
    "XPRepairPro2007"="C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe" [2007-07-04 04:51]


    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1B9B83ED-4FC9-C2E9-0701-030502080100}
    C:\WINDOWS\svchost.exe

    Contents of the 'Scheduled Tasks' folder
    2007-08-07 08:21:03 C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job

    **************************************************************************

    catchme 0.3.914 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-22 22:25:20
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-22 22:25:50
    C:\ComboFix-quarantined-files.txt … 2007-08-22 22:25
    C:\ComboFix2.txt … 2007-07-03 18:12

    — E O F —

    [b:ed4df69da9]En vers logje hijackthis[/b:ed4df69da9]

    Logfile of HijackThis v1.99.1
    Scan saved at 22:39:07, on 22/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\BitTorrent\bittorrent.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
    C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
    C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
    C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsaua.exe
    C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsus.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
    E:\Documents and Settings\Client\Mijn documenten\Azureus Downloads\XP.Repair.Pro.2006.v3.1.6.Incl.Keygen.and.Patch\Cura\Keygen.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Client\Bureaublad\NIET AANKOMEN!!!!!hijackthis\hijackthis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Schmap Local - {AC89BF9C-4296-476C-86BC-6CAA3B398AB5} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe

    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Schmap Local - {f53a1294-34c5-4e48-afbd-5f5d5f081d2a} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - C:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


    Merci Jimmy
  • Start Hijackthis, kies voor [i:ba6fcfc16b]'Do a system scan only'[/i:ba6fcfc16b] en vink onderstaande regels aan:
    [b:ba6fcfc16b]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
    [/b:ba6fcfc16b]

    Sluit nu [u:ba6fcfc16b]alle[/u:ba6fcfc16b] openstaande vensters, behalve Hijackthis en klik op [b:ba6fcfc16b]Fix Checked[/b:ba6fcfc16b].

    Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:ba6fcfc16b]
    Registery::
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1B9B83ED-4FC9-C2E9-0701-030502080100}
    [/b:ba6fcfc16b]
    Sla dit op op je Bureaublad als [b:ba6fcfc16b]CFScript.txt[/b:ba6fcfc16b]

    Sleep [b:ba6fcfc16b]CFScript.txt[/b:ba6fcfc16b] in [b:ba6fcfc16b]ComboFix.exe[/b:ba6fcfc16b] zoals getoond in onderstaand voorbeeld :

    [img:ba6fcfc16b]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:ba6fcfc16b]

    Dit zal [b:ba6fcfc16b]ComboFix[/b:ba6fcfc16b] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:ba6fcfc16b]Combofix.txt[/b:ba6fcfc16b] in je volgende antwoord samen met een nieuw HijackThislogje.

    Succes!

    Pim
  • Pim,

    :P Begin al wat verbetering te zien op PC. Merci! Zoals gevraagd:

    [u:db55bfdebd][b:db55bfdebd]Nieuwe Combolog [/b:db55bfdebd][/u:db55bfdebd]

    "Client" - 2007-08-25 12:16:47 - ComboFix 07-07-03.9 - Service Pack 2
    Command switches used :: C:\Documents and Settings\Client\Bureaublad\CFScript.txt


    ((((((((((((((((((((((((( Files Created from 2007-07-25 to 2007-08-25 )))))))))))))))))))))))))))))))


    2007-08-22 22:03 <DIR> d——– C:\Program Files\XP Repair Pro 2007
    2007-08-15 00:00 221,184 –a—— C:\WINDOWS\system32\wmpns.dll
    2007-08-13 20:10 <DIR> d——– C:\Program Files\Common Files\HP
    2007-08-13 20:06 69,352 –a—— C:\WINDOWS\hpoins05.dat
    2007-08-13 20:06 581,632 -ra—— C:\WINDOWS\system32\hpotscl.dll
    2007-08-13 20:06 229,376 -ra—— C:\WINDOWS\system32\hpovst08.dll
    2007-08-13 20:06 19,696 ——— C:\WINDOWS\hpomdl05.dat
    2007-08-10 11:11 <DIR> d——– C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-08-10 11:05 271,224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-08-10 11:05 207,736 –a—— C:\WINDOWS\system32\muweb.dll
    2007-08-09 22:17 <DIR> d——– C:\WINDOWS\FLV Player
    2007-08-09 10:42 <DIR> d——– C:\DOCUME~1\Client\Contacts
    2007-08-09 10:41 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    2007-08-09 10:40 <DIR> d—-c— C:\WINDOWS\system32\DRVSTORE
    2007-08-09 10:40 <DIR> d——– C:\Program Files\Windows Live Toolbar
    2007-08-07 18:18 <DIR> d——– C:\Program Files\TechSmith
    2007-08-07 18:18 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith
    2007-08-07 18:17 <DIR> d——– C:\Program Files\Common Files\Wise Installation Wizard
    2007-08-07 11:29 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\NETg
    2007-08-07 10:22 <DIR> d——– C:\Program Files\XPRepairPro2006
    2007-08-07 09:48 <DIR> d——– C:\DOCUME~1\Gast\APPLIC~1\RegistrySmart
    2007-08-07 09:26 <DIR> d——– C:\Program Files\Azureus
    2007-08-07 09:21 <DIR> d——– C:\DOCUME~1\Client\APPLIC~1\RegistrySmart
    2007-08-07 09:16 122,880 –a—— C:\WINDOWS\RMconfig.dll
    2007-08-06 20:08 <DIR> d——– C:\WINDOWS\SxsCaPendDel
    2007-08-06 19:59 <DIR> d——– C:\Program Files\Samsung
    2007-08-06 19:59 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    2007-08-06 18:38 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion(2)
    2007-08-06 18:35 <DIR> d——– C:\Program Files\Anne Jan


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-25 10:10:24 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Skype
    2007-08-15 15:50:11 ——– d—–w C:\Program Files\Telenet Internet Security Pack
    2007-08-14 20:36:02 30,016 —-a-w C:\WINDOWS\system32\drivers\fsndis5.sys
    2007-08-14 20:36:01 51,040 —-a-w C:\WINDOWS\system32\drivers\fsdfw.sys
    2007-08-13 18:09:06 ——– d—–w C:\Program Files\Hewlett-Packard
    2007-08-12 15:37:46 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Azureus
    2007-08-09 08:40:37 ——– d—–w C:\Program Files\MSN Messenger
    2007-08-07 17:06:46 ——– d—–w C:\Program Files\Common Files\Ahead
    2007-08-07 14:36:33 94,218 —-a-w C:\WINDOWS\system32\perfc013.dat
    2007-08-07 14:36:33 493,654 —-a-w C:\WINDOWS\system32\perfh013.dat
    2007-08-07 09:55:51 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-08-07 08:20:37 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\BitTorrent
    2007-08-07 07:28:24 ——– d—–w C:\Program Files\BitTorrent
    2007-08-06 17:59:37 ——– d—–w C:\Program Files\Yahoo!
    2007-07-30 17:19:42 1,712,984 —-a-w C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 17:19:36 549,720 —-a-w C:\WINDOWS\system32\wuapi.dll
    2007-07-30 17:19:32 325,976 —-a-w C:\WINDOWS\system32\wucltui.dll
    2007-07-30 17:19:28 203,096 —-a-w C:\WINDOWS\system32\wuweb.dll
    2007-07-30 17:19:20 92,504 —-a-w C:\WINDOWS\system32\cdm.dll
    2007-07-30 17:19:16 53,080 —-a-w C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 17:19:12 43,352 —-a-w C:\WINDOWS\system32\wups2.dll
    2007-07-30 17:18:40 33,624 —-a-w C:\WINDOWS\system32\wups.dll
    2007-07-25 20:20:39 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\Ahead
    2007-07-19 17:47:19 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\iMesh
    2007-07-07 11:59:01 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\WinRAR
    2007-07-07 11:56:16 33,952 —-a-w C:\WINDOWS\system32\drivers\oreans32.sys
    2007-07-07 11:44:55 ——– d—–w C:\Program Files\Google
    2007-07-04 07:35:44 ——– d—–w C:\DOCUME~1\Client\APPLIC~1\SecondLife
    2007-07-04 07:24:41 163,712 —-a-w C:\WINDOWS\system32\drivers\vidstub.sys
    2007-07-04 07:19:56 ——– d—–w C:\Program Files\Common Files\Stardock
    2007-07-04 07:19:55 ——– d—–w C:\Program Files\Stardock
    2007-06-26 06:10:37 1,104,896 —-a-w C:\WINDOWS\system32\msxml3.dll
    2007-06-19 13:33:12 282,112 —-a-w C:\WINDOWS\system32\gdi32.dll
    2007-06-16 22:11:58 51,200 —-a-w C:\WINDOWS
    ircmd.exe
    2007-06-13 13:24:02 1,036,800 —-a-w C:\WINDOWS\explorer.exe
    2007-05-31 20:30:08 2,560 —-a-w C:\WINDOWS\_MSRSTRT.EXE


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    2006-06-20 08:10 61440 –a—— C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    2005-12-07 15:06 399424 –a—— C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2006-01-12 20:38 63128 –a—— C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 –a—— C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    2006-08-31 20:33 322368 –a—— C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2007-01-19 23:55 2403392 -ra—— c:\program files\google\googletoolbar3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC89BF9C-4296-476C-86BC-6CAA3B398AB5}]
    2007-04-02 16:46 385024 –a—— C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    2007-06-28 21:05 325048 –a—— C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2004-09-16 14:39 C:\WINDOWS\SOUNDMAN.EXE]
    "LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2005-07-11 10:44]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 09:33]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 16:49]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "BootSkin Startup Jobs"="C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 16:21]
    "F-Secure Manager"="C:\Program Files\Telenet Internet Security Pack\Common\FSM32.exe" [2007-04-26 19:12]
    "F-Secure TNB"="C:\Program Files\Telenet Internet Security Pack\FSGUI\TNBUtil.exe" [2007-04-26 19:10]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 18:20]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 21:05]
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-03-02 01:11]
    "XPRepairPro2007"="C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe" [2007-07-04 04:51]


    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1B9B83ED-4FC9-C2E9-0701-030502080100}
    C:\WINDOWS\svchost.exe

    Contents of the 'Scheduled Tasks' folder
    2007-08-07 08:21:03 C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job

    **************************************************************************

    catchme 0.3.914 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-25 12:19:33
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-25 12:20:00
    C:\ComboFix-quarantined-files.txt … 2007-08-25 12:19
    C:\ComboFix2.txt … 2007-08-22 22:25
    C:\ComboFix3.txt … 2007-07-03 18:12

    — E O F —

    [u:db55bfdebd][b:db55bfdebd]Nieuwe HicjacThis-Log [/b:db55bfdebd][/u:db55bfdebd]

    Logfile of HijackThis v1.99.1
    Scan saved at 12:22:39, on 25/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\Program Files\BitTorrent\bittorrent.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
    C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
    C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
    C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
    C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsaua.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
    C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsus.exe
    C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Client\Bureaublad\NIET AANKOMEN!!!!!hijackthis\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Schmap Local - {AC89BF9C-4296-476C-86BC-6CAA3B398AB5} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe

    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Ouderlijk… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Schmap Local - {f53a1294-34c5-4e48-afbd-5f5d5f081d2a} - C:\Program Files\Schmap\SchmapLocal\SchmapLocalIE.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\telenet internet security pack\fsps\program\fslsp.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - C:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


    Nogmaals bedankt
    Jimmy

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.